Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

officecli-pitch-deck

v1.0.2

Use this skill when the user wants to create a pitch deck, investor presentation, product launch deck, sales presentation, or business proposal in PowerPoint...

by 瓦砾 (@iceyliu)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill purports to build .pptx pitch decks and the SKILL.md contains detailed batch commands for an 'officecli' tool — building slides legitimately requires a CLI. However, the registry metadata lists no required binaries, even though the runtime instructions assume and attempt to install 'officecli'. This mismatch between declared requirements and the instructions is a coherence issue.
Instruction Scope
The runtime instructions explicitly tell users/agents to download and execute a remote install script (curl raw.githubusercontent.com ... | bash) and provide a PowerShell equivalent. That step executes arbitrary code fetched from the network. Beyond installation, the instructions reference only slide-building commands and local variables (colors, files), not any unrelated system files or credentials.
Install Mechanism
There is no formal install spec in the package; installation is delegated to an inline curl->bash invocation against raw.githubusercontent.com (iOfficeAI/OfficeCli). While GitHub raw is a common host, curl|bash of a remote script is higher-risk than a reviewed package or package-manager install. The skill will write and execute remote code on the host if followed.
Credentials
The skill does not request credentials, config paths, or secret environment variables. It only uses harmless local shell variables (color palettes) and file paths for creating slides, which are proportionate to its stated purpose.
Persistence & Privilege
The skill is instruction-only, has always:false, and does not request persistent privileges or modify other skills. Note: disable-model-invocation is false (normal), so an agent could try to run the install commands autonomously if allowed — combine this with the install concerns above.
What to consider before installing
This skill appears to be what it says (a recipe for building pitch decks), but it tells you to download and run an installer script from a remote GitHub raw URL using curl|bash (and a PowerShell equivalent). Before running, or allowing an agent to run, those commands:

1. Review the install.sh / install.ps1 contents in the iOfficeAI repository to ensure nothing unexpected is executed.
2. Prefer installing officecli via your platform's package manager or an official release asset with a checksum/signature, if available.
3. Verify the GitHub repo ownership and recent commit history.
4. Run the installer in a sandbox/container or on an isolated machine if you must run it at all.
5. If you plan to let an autonomous agent run this skill, restrict its ability to execute shell commands or disable autonomous invocation until you have vetted the installer.

The main practical inconsistency is that the package metadata omits 'officecli' as a required binary while the instructions attempt to install it. Ask the publisher to correct the metadata and to provide an auditable install mechanism (a release tarball with checksums or a package-manager distribution).
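The scan's advice to inspect and verify the installer before executing it can be turned into a small routine that replaces the curl|bash step. The POSIX shell below is an added example written for this page; it is not code from the skill, from the OfficeCli project, or from ClawHub. It downloads the script to a file instead of piping it into a shell, compares the file's SHA-256 against a digest you pinned after reading the script yourself, and only then executes it. The installer URL and the pinned digest in the usage stub are placeholders (assumptions) to be replaced with the real URL and the digest you recorded; the curl options used are standard curl CLI flags.

```shell
#!/bin/sh
# Added example, not part of the skill or the OfficeCli project.
# Pattern: fetch to disk -> review -> verify pinned SHA-256 -> run.
# Nothing is executed until the digest check passes.
set -eu

# Print the SHA-256 hex digest of a file. Uses sha256sum where available
# (GNU coreutils) and falls back to shasum (macOS / BSD).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 if the file matches the pinned digest, 1 otherwise.
# The digest is something you record yourself after reading the script,
# so a later change to the file on the remote host is caught here.
verify_installer() {
    script="$1"
    expected="$2"
    actual=$(sha256_of "$script")
    [ "$actual" = "$expected" ]
}

# Download the installer to a temporary file (never into a pipe), verify it
# against the pinned digest, and run it only on a match. The downloaded
# file is left on disk for inspection when the check fails.
fetch_verify_run() {
    url="$1"
    expected="$2"
    tmp=$(mktemp)
    # --proto '=https' refuses a downgrade to plain http on redirect.
    curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url"
    if ! verify_installer "$tmp" "$expected"; then
        echo "digest mismatch for $url; refusing to execute $tmp" >&2
        return 1
    fi
    sh "$tmp"
    rm -f "$tmp"
}

# Usage stub. Both values are placeholders (assumptions): substitute the
# real installer URL and the digest you pinned after reviewing the script.
if [ "${1:-}" = "--run" ]; then
    fetch_verify_run \
        "https://raw.githubusercontent.com/example-org/example-repo/main/install.sh" \
        "0000000000000000000000000000000000000000000000000000000000000000"
fi
```

The point of pinning a digest rather than trusting the URL is that the script behind a raw GitHub URL on a branch can change between the time you read it and the time an agent runs it; a pinned SHA-256 (or a tagged release asset with a published checksum) ties execution to the exact bytes you reviewed.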

Like a lobster shell, security has layers — review code before you run it.

