Presentation Agent
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: presentation-agent
Version: 1.0.0
The skill bundle is classified as suspicious because the script `scripts/md2slide.sh` executes the Marp CLI with the `--allow-local-files` and `--html` flags, as explicitly mandated by the design rules in `SKILL.md`. These flags allow the rendering engine to access and embed arbitrary local files from the host environment, creating a significant Local File Inclusion (LFI) vulnerability if the input Markdown content is maliciously crafted (e.g., using HTML iframes to read `/etc/passwd`). While these settings are likely intended to facilitate the use of local fonts and the brand logo, they pose a high risk of data leakage from the agent's execution environment.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Slide generation will run whatever global Marp and Mermaid CLI versions are present on the machine.
The skill depends on host-global npm tools rather than a pinned install spec; this is expected for Marp/Mermaid conversion but users should verify the installed tools' provenance and versions.
- `@marp-team/marp-cli` (npm global)
- `@mermaid-js/mermaid-cli` (npm global)
- Both already installed on this host.
Install or verify trusted versions of `@marp-team/marp-cli` and `@mermaid-js/mermaid-cli` before using the skill.
A Markdown file with local file references or embedded HTML can influence what the local renderer loads into the output.
The renderer is intentionally allowed to process HTML and local file references so local themes and assets work; this is purpose-aligned, but it broadens what a Markdown deck can cause the renderer to load.
`marp "${TMPMD}" --pdf -o "${OUTPUT}" --allow-local-files --html --theme-set "${THEME_DIR}/frexida.css"`
Use this with Markdown and assets you trust, and review file/image/script references before converting third-party decks.
Creating data graphs may involve local code execution as part of producing the slide assets.
The instructions may lead the agent to execute local plotting code to create graph images; that is consistent with the skill's data-visualization purpose, but it should not be used to run untrusted code snippets.
For matplotlib/plotly graphs, generate PNG first via `exec`, then embed as `` in the Markdown.
Have the agent generate plotting code from trusted data, and avoid executing code copied from untrusted Markdown or external sources.
