Skill v3.8.2

ClawScan security

Doc2slides · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 5, 2026, 2:50 AM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
Doc2slides' code, declared requirements, and runtime instructions are coherent with its stated purpose (local PDF/DOCX/MD → PPTX conversion with optional LLM enhancement); nothing requests unrelated credentials or hidden network endpoints.
Guidance
This skill appears to do what it says: it runs local Python scripts to convert documents into PPTX and can optionally call LLMs if you provide keys. Before installing: (1) Inspect the provided setup.sh to see if it downloads or executes network binaries (e.g., Chromium or other installers) and run it in a controlled environment if concerned. (2) If you want strictly offline behavior, avoid supplying any API keys and confirm setup.sh/llm_adapter default to local-only. (3) Check that required template assets (assets/templates) and any fonts the scripts expect are present or bundled; missing assets will break runs but are not a security issue. (4) Because the skill will read/write files, run it on non-sensitive sample documents first and consider using a sandbox or isolated workspace. If you want extra assurance, share the contents of setup.sh and scripts/llm_adapter.py for a focused review.

Review Dimensions

Purpose & Capability
ok: Name/description (document → designer PPT) align with required binaries (python3, pip3), file read/write permissions, and the included Python scripts that parse, render HTML/SVG, and produce PPTX. Optional LLM API keys are reasonable given the advertised 'optionally connect LLM providers' feature.
Instruction Scope
ok: SKILL.md instructs running setup.sh and executing the Python workflow on local files. The included scripts operate on local content, templates, and generate HTML/PPTX; they request file read/write which is expected. There are no instructions to read unrelated system credentials or exfiltrate files.
Install Mechanism
ok: There is no install spec in the registry (setup is via provided setup.sh). The presence of many scripts is consistent with a local Python tool; no remote download URLs were provided in the manifest. The primary install risk is whatever setup.sh does (not shown) — that’s an engineering detail rather than an incoherence with purpose.
Credentials
ok: No required environment variables; three LLM API keys are listed as optional (OPENAI_API_KEY, ZHIPU_API_KEY, DEEPSEEK_API_KEY) which fits the advertised optional LLM integration. No unrelated cloud credentials (AWS, GCP, etc.) are requested.
Persistence & Privilege
ok: The skill does modify local files (declared) and requests file read/write permission — appropriate for converting documents to PPTX. always:false and normal autonomous invocation defaults are used; it does not request elevated or cross-skill configuration access.