html2pptx

Security checks across malware telemetry and agentic risk

Overview

This is a local HTML-to-PPTX converter with documentation and dependency hygiene issues, but no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install only if you need local HTML-to-PPTX conversion, and prefer running the documented Python converter on files you choose explicitly. Treat the README’s prompt-generation and virtual-environment claims as stale unless a future version adds reviewed code, and consider pinning/updating dependencies before use in a shared or production environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Vague Triggers

Medium
Confidence: 90%
Finding
The README shows a conceptual invocation that accepts arbitrary natural-language input ("Create a presentation about...") rather than clearly constraining the skill to HTML-to-PPTX conversion. In an agent setting, this broad trigger surface can cause the skill to activate outside its intended scope, potentially chaining into unreviewed generation or file-processing behavior and increasing the chance of prompt/command misuse.

Vague Triggers

Medium
Confidence: 76%
Finding
The trigger phrase “转换ppt” is broad and can match many generic requests about creating, converting, or editing PowerPoint files that may be outside this skill’s narrow HTML-to-PPTX purpose. Over-broad invocation can cause the wrong skill to activate on unrelated content, potentially leading to unintended file handling or user confusion about what data will be processed.

Unpinned Dependencies

Low
Category
Supply Chain
Content
beautifulsoup4>=4.10.0
lxml>=4.6.0
html5lib>=1.1
Confidence: 89%
Finding
beautifulsoup4>=4.10.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
beautifulsoup4>=4.10.0
lxml>=4.6.0
html5lib>=1.1
Confidence: 97%
Finding
lxml>=4.6.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
beautifulsoup4>=4.10.0
lxml>=4.6.0
html5lib>=1.1
Confidence: 95%
Finding
html5lib>=1.1

Known Vulnerable Dependency: lxml — 10 advisories: CVE-2021-43818 (lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through); CVE-2014-3146 (lxml Cross-site Scripting Via Control Characters); CVE-2021-28957 (lxml vulnerable to Cross-Site Scripting) +7 more

High
Category
Supply Chain
Confidence: 93%
Finding
lxml

Known Vulnerable Dependency: html5lib — 4 advisories: CVE-2016-9910 (Cross-site Scripting in html5lib); CVE-2016-9909 (Improper Neutralization of Input During Web Page Generation in html5lib); CVE-2016-9909 (The serializer in html5lib before 0.99999999 might allow remote attackers to con) +1 more

High
Category
Supply Chain
Confidence: 91%
Finding
html5lib

VirusTotal

67/67 vendors flagged this skill as clean.