ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Image to Editable PowerPoint

v1.0.1

Convert static images (slides, posters, infographics) to editable PowerPoint files. OCR detects text, classical CV textmask detects ink pixels, mask-clip pre...

2· 80·0 current·0 all-time
byJade Liu@minutemighty
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (image → editable PPTX) align with the provided Python modules (OCR, textmask, inpaint, assemble). The listed dependencies (PaddleOCR, Torch, LAMA) and code behavior are appropriate for OCR + inpainting + PPTX assembly. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
SKILL.md and the code describe and implement the exact pipeline: run OCR, compute ink masks, clip to OCR bboxes, optionally inpaint, assemble PPTX. The instructions and CLI do not ask the agent to read unrelated files, environment variables, or post data to unknown endpoints. Intermediate files and model cache locations are local and documented.
Install Mechanism
The registry entry has no formal install spec (instruction-only), but SKILL.md/README instruct a git clone + pip install -e and the package includes Python source. Models are downloaded on first use (~370 MB) from cited open-source repos (PaddleOCR, advimman/lama). This is expected but noteworthy: automatic model downloads and heavy native packages (PyTorch) will fetch data from the network and consume disk space.
Credentials
No environment variables, credentials, or config paths are required. The code caches models under standard user-cache directories. There are no requests for unrelated secrets or system tokens.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system-wide agent configs. It runs as a normal skill and writes only its own temp/intermediate files and model caches.
Assessment
This skill appears coherent and implements what it claims. Before installing: (1) expect large downloads (~370 MB) and heavy Python dependencies (PyTorch, PaddleOCR, simple-lama-inpainting) which may take time, disk space, and may access GPUs; (2) models are fetched from open-source repos on first run — verify the upstream GitHub (SKILL.md points to github.com/JadeLiu-tech/px-image2pptx) if you need to trust the source; (3) the skill executes Python code on your machine, so install it in an isolated environment (virtualenv/conda) and review the repository if you have strict security policies; (4) if you cannot allow network downloads, use --ocr-json and --skip-inpaint to avoid model downloads and heavy inpainting, or prepopulate the caches from a trusted source.
px_image2pptx/inpaint.py:51
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

image processingvk9761acbxawyht81wxr0wggj5h83apxkinpaintingvk9761acbxawyht81wxr0wggj5h83apxklatestvk974hp8wx963d07b73k7qyx58d83bzedocrvk9761acbxawyht81wxr0wggj5h83apxkpptxvk9761acbxawyht81wxr0wggj5h83apxk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments