ClawHub

PPT制作

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing the skill's dependencies may add third-party code to the user's Python environment.

Why it was flagged

The skill asks the user to install third-party Python packages. This is purpose-aligned for generating PPTX files and handling images, but it is still external package installation.

Skill content
pip install python-pptx pillow
Recommendation

Install dependencies from a trusted package index, preferably in a virtual environment, and pin package versions if reproducibility or stricter security is needed.