html-ppt — HTML PPT Studio

Review

Audited by ClawScan on May 10, 2026.

Overview

Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.

This skill appears safe for creating static HTML slides. Before installing, verify the GitHub source, run the helper scripts only when you intend to create or render a deck, and do not provide credentials, OAuth tokens, or payment permissions if prompted. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing from an external repository can affect what code and instructions your agent receives if the source changes or is not trusted.

Why it was flagged

The documented install path pulls the skill through npx from an external GitHub URL, so provenance and repository integrity matter.

Skill content

npx skills add https://github.com/lewislulu/html-ppt-skill

Recommendation

Install only if you trust the repository and owner; prefer pinned versions or reviewed commits where possible.

What this means

Running these scripts may create files and invoke local browser/rendering tooling on your machine.

Why it was flagged

The workflow includes user-run shell scripts for scaffolding a deck and rendering HTML to images. That is aligned with the skill purpose, but it is still local command execution.

Skill content

./scripts/new-deck.sh my-talk
./scripts/render.sh templates/theme-showcase.html

Recommendation

Run the scripts only in a project directory you control, and review script contents before use if you are installing from an untrusted source.

What this means

If the skill or runtime unexpectedly asks for login tokens, payment authority, or sensitive credentials, that would not match the visible purpose.

Why it was flagged

These signals would be broader than needed for a static HTML presentation skill, but the declared requirements say no credentials and the visible artifacts do not show OAuth, purchases, or credential handling.

Skill content

Capability signals: crypto; can-make-purchases; requires-oauth-token; requires-sensitive-credentials

Recommendation

Do not grant OAuth tokens, payment access, or sensitive credentials for this skill unless a specific, reviewed workflow clearly justifies them.