Skill v1.2.0
ClawScan security
PPT Presenter — presentation-grade PPT generator with verbatim speaker script · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 3:48 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill mostly does what it says (build reveal.js slides and call the Gemini image API), but the package metadata omits needed runtime requirements (Gemini API key and python3) and the instructions will send user content to an external image-generation endpoint — these mismatches and data-exfiltration implications deserve caution.
- Guidance: This skill appears to implement the advertised functionality, but there are important caveats to consider before installing or running it:
  - It requires an API key for Google's Gemini image endpoints (GEMINI_API_KEY) to generate slide images, but that credential is not declared in the skill metadata — you will need to supply it manually (via --api-key or GEMINI_API_KEY). Treat that key like any sensitive API key: only provide it if you trust the skill and the operator. The script will send your prompts and any included slide text to Google's generative-language API, so private content could be transmitted.
  - The image-generation helper is a Python script (python3). The skill metadata did not list python3 as a required binary; ensure your environment can run python3 before relying on the script.
  - The final HTML template loads assets (reveal.js, highlight, Google Fonts) from public CDNs. That is standard for web presentation templates, but be aware the rendered presentation will reference external resources when viewed online.
  - Minor documentation gaps: SKILL.md references TOOLS.md (not present), and the registry metadata should have declared GEMINI_API_KEY and the runtime requirement for Python.

  Recommendations:
  - If you decide to use it, run the included Python script locally (inspect it first — it is readable) and provide only non-sensitive prompts or sanitized content to avoid accidental data disclosure.
  - Ask the publisher to update the skill metadata to declare GEMINI_API_KEY and python3 as requirements and to remove or include the referenced TOOLS.md so requirements are clear.
  - If you cannot verify the publisher or do not want to share content with Google, skip the image generation step and substitute local/static images instead.
Review Dimensions
- Purpose & Capability (note): The skill's name and description match its files and instructions: it generates reveal.js HTML, per-slide speaker scripts, and one AI image per slide. However, the metadata does not declare the real runtime dependencies the skill uses: SKILL.md and scripts/generate_slide_images.py require a Gemini API key (GEMINI_API_KEY) and execution via python3. The omission of these required resources from the declared metadata is an inconsistency.
- Instruction Scope (concern): SKILL.md instructs the agent to read user-provided markdown/text to build slides and to call the Gemini image-generation API with prompts that may include user content. The script and docs reference checking a TOOLS.md for API keys (TOOLS.md isn't included), and the run commands rely on an API key passed via --api-key or GEMINI_API_KEY. The instructions therefore cause user content and prompts to be transmitted to an external Google generative-language endpoint — expected for image generation, but worth flagging since the metadata didn't declare that network interaction or the required credentials.
- Install Mechanism (ok): There is no install spec (instruction-only plus a small helper script). That is low-risk from an installation perspective: nothing is downloaded or installed automatically by the skill bundle itself. The included Python script is plain and readable (no obfuscated code or hidden endpoints).
- Credentials (concern): The skill needs an API key (GEMINI_API_KEY) to generate images, but the registry metadata lists no required env vars or primary credential. That mismatch is a substantive omission. Also, providing the Gemini API key will allow the skill to send prompts and any included user content to Google's generative API — this is proportionate to the stated purpose (image generation), but it is sensitive and should have been declared explicitly in metadata so the user knows what credentials they'll need to supply.
- Persistence & Privilege (ok): The skill does not request always:true or any elevated persistence. It does not modify other skills or system-wide settings; it simply provides instructions, a standalone script, and an HTML template.
