Python PPT Generator

Security checks across malware telemetry and agentic risk

Overview

This skill coherently creates PowerPoint files using a local Python helper, with no evidence of hidden data access, persistence, or unrelated behavior.

Install this if you want an agent to create PPTX decks locally with Python. Treat it like any workflow that runs generated code: keep the generated script limited to the included ppt_lib.py helpers and the intended output file, avoid using sensitive deck content in an untrusted environment, and consider pinning python-pptx for controlled setups.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly instructs the agent to generate and execute Python code to produce a `.pptx` file, but it does not warn the user that arbitrary generated code will be run on their behalf. That omission weakens informed consent and can hide a meaningful execution boundary, increasing the risk of unsafe code generation, unintended file access, or abuse if prompts are manipulated.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal