kai-slide-creator
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: genppt Version: 2.14.0 The kai-slide-creator skill bundle is a comprehensive tool for generating zero-dependency HTML presentations. The bundle includes extensive design presets, a multi-stage validation pipeline (SKILL.md), and a content review system (review-checklist.md). The included Python scripts (check-doc-sync.py, validate.py) and test suites are focused on maintaining document consistency and ensuring the quality of the generated HTML. The 'Edit Mode' and 'Presenter Mode' features in the generated demos use standard web APIs like BroadcastChannel and the File System Access API for legitimate functionality. No evidence of data exfiltration, malicious code execution, or prompt injection was found across the code or documentation.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If PLANNING.md is stale, unintended, or modified by someone else, the generated slides may follow that content.
The skill deliberately reuses a persistent local planning file as the source of truth for generation.
PLANNING.md 已存在 → 读取并作为真相源,跳至 Phase 3
Review PLANNING.md before running generation, especially in shared or reused project folders.
Opening generated slides runs the slide deck’s browser-side HTML/CSS/JavaScript features, which is expected for this skill but worth knowing before sharing or opening files from others.
Generated presentations are intended to include interactive browser behavior for editing and saving.
浏览器内编辑 — E 键进入编辑模式,Ctrl+S 保存
Open generated HTML files from trusted projects only, and review the output before distributing it.
Decks using similar font links may not be fully offline and may contact a third-party font service when viewed.
At least one included demo presentation loads fonts from Google, creating an external browser request when opened.
<link rel="preconnect" href="https://fonts.googleapis.com">
If offline operation or strict privacy is required, remove external font links or replace them with local/system fonts in generated presentations.
The provided instructions do not explain why OAuth would be needed for a slide generator, so users should notice any permission prompt that appears.
The capability signal mentions OAuth even though the registry requirements declare no primary credential or required environment variables.
requires-oauth-token
Do not grant OAuth access unless the installer or runtime clearly explains which account, scopes, and actions are required.