ClawHub

Ppt Extract

v0.4.0

Extract content from PowerPoint (.ppt, .pptx) presentations to Markdown using MinerU. Reads slide content and converts it to structured, readable output. Fea...

0· 95·0 current·0 all-time
by@mzlzyca
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Ppt Extract) align with required binary (mineru-open-api) and MINERU_TOKEN. Requested binaries and env var are expected for a CLI that delegates extraction to the MinerU service. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to run mineru-open-api commands against local files or URLs and to use MINERU_TOKEN for auth. This is within scope, but the instructions do not explicitly state whether extraction is performed locally or uploaded to MinerU servers — if the CLI uploads files, that means PPT contents may be transmitted off-host. Verify that behavior if you will process sensitive slides.
Install Mechanism
Install options are standard package installs: npm package 'mineru-open-api' or go install from a GitHub repo. Both are expected for a CLI tool; no arbitrary download URLs, shorteners, or archive extracts are used in the spec.
Credentials
Only MINERU_TOKEN is required and is declared as primaryEnv. That is proportional for a tool that authenticates to an external MinerU service. No other secrets or unrelated environment variables are requested.
Persistence & Privilege
Skill is not forced-always (always:false) and requests no filesystem or agent-wide config paths. It is user-invocable with normal autonomous-invocation enabled by default — the typical posture for skills.
Assessment
Before installing: (1) Confirm you trust MinerU/mineru-open-api (review its GitHub repo and npm package) and the token creation page (https://mineru.net/apiManage/token). (2) Verify whether the CLI extracts locally or uploads files to MinerU servers — avoid sending sensitive presentations unless you accept that. (3) Prefer installing from the source you audited (go install from the GitHub repo at a pinned commit or inspect the npm package contents). (4) Provide MINERU_TOKEN with least privilege possible and rotate/revoke it if needed. (5) If you are uncomfortable with autonomous invocation, keep the skill user-invocable only (do not enable always:true) or disable model invocation for it in agent settings.

Like a lobster shell, security has layers — review code before you run it.

latestvk975qxtrpave88vnegtf24ff8n845sj8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📄 Clawdis
Binsmineru-open-api
EnvMINERU_TOKEN
Primary envMINERU_TOKEN

Install

Install via npm
Bins: mineru-open-api
npm i -g mineru-open-api
Install via go install
Bins: mineru-open-api

Comments