Back to skill
Skillv0.1.2
VirusTotal security
ZeeLin Auto-PPT · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:59 AM
- Hash
- 492714b4c75e6d90af48dd29a0f6bc6cf8ac1dede210bb8e0e5aec490c088c97
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: auto-ppt Version: 0.1.2 The skill bundle exhibits high-risk behavioral patterns by explicitly instructing the AI agent to bypass user confirmation and 'once-and-for-all' execute a sequence of shell scripts and browser automations without interruption (SKILL.md). It utilizes broad permissions to execute local bash and Python scripts (create_ppt.sh, postprocess_ppt_outputs.py) that interact with the filesystem (~/Desktop) and automate browser sessions. While the logic aligns with the stated goal of PPT generation via Google NotebookLM, the combination of autonomous execution instructions and hardcoded absolute paths for a specific user profile (/Users/youke/) represents a significant security risk for prompt injection or unintended side effects.
- External report
- View on VirusTotal