AiPPT-skill

Security checks across malware telemetry and agentic risk

Overview

This PPT-generation skill appears purpose-aligned, but users should understand that prompts, uploaded files, and URLs may be sent to AiPPT's external service.

Install only if you trust AiPPT with the material you ask it to process. Avoid using confidential, regulated, or internal-only documents or URLs unless your organization permits sending them to AiPPT, and review generated files before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (91% confidence)
Finding
The trigger conditions are broad enough that normal conversational requests about presentations or slides could invoke the skill without clear user intent. In this skill's context, accidental activation matters because it can lead to external API calls, document processing, URL fetching, and template/workflow actions on user content that may be more sensitive than a simple chat response.

Missing User Warnings

Medium (95% confidence)
Finding
The skill supports document upload and URL-based generation but does not require an explicit user-facing notice that files, document contents, and fetched link data will be transmitted to a third-party service for parsing and generation. This is dangerous because users may unknowingly expose confidential documents, internal URLs, or regulated data to an external processor, increasing privacy, compliance, and data-leakage risk.

Missing User Warnings

Medium (93% confidence)
Finding
The reference-document workflow uploads user-supplied local files to the remote AiPPT service using multipart form data, but the script provides no explicit user-facing warning or consent checkpoint at the point of transmission. In an agent-skill context, users may assume files are processed locally, so silent exfiltration of potentially sensitive documents to a third party is a real privacy and data-handling risk.

Vague Triggers

Medium (95% confidence)
Finding
The trigger list contains very broad generic terms such as "PPT", "presentation", "slides", and common phrases like "create PPT" that can match ordinary user requests and cause unintended invocation. In a skill that can upload documents, generate files, and call external APIs using configured credentials, overbroad activation increases the chance of accidental data sharing or unexpected external actions.

VirusTotal

65/65 vendors flagged this skill as clean.
