PPT Presenter — Presentation-grade PPT generator with verbatim speaker scripts

Security checks across malware telemetry and agentic risk

Overview

This slide-generation skill is not clearly malicious, but it should be reviewed because it may send presentation content to Gemini and asks for API-key handling without enough safeguards.

Review before installing. Use it only for presentations you are comfortable sending to a third-party image-generation provider, avoid confidential customer or business content unless policy allows it, and configure any Gemini key through a secure secret mechanism rather than pasting raw credentials into chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 91%
Finding
The activation text is very broad and includes many common terms like presentation, slides, PPT, keynote, and even adding speaker notes or converting markdown. In an agent-routing context, this can cause the skill to trigger for loosely related requests, leading the agent to perform unexpected file generation, API use, or content transformation without the user clearly intending to invoke this specific workflow.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill advertises AI image generation through the Gemini API as part of the normal pipeline, but it does not explicitly warn that slide prompts, notes, and potentially sensitive user material may be sent to a third-party service. This creates a privacy and data-governance risk, especially if presentations contain internal strategy, customer data, or unpublished technical content.

Missing User Warnings

Medium
Confidence: 93%
Finding
The instructions tell the agent to check TOOLS.md for a Gemini API key or ask the user for one, but they omit any credential-handling safeguards. In practice, this can normalize unsafe secret access, encourage users to paste API keys into chat, and increase the chance of accidental exposure, logging, or misuse of credentials.

VirusTotal

66/66 vendors flagged this skill as clean.
