Pptx To Html

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward PowerPoint-to-HTML helper using a disclosed MinerU CLI and token, with the main caution that slide contents may be handled by MinerU's external service.

Install only if you trust the MinerU CLI and are comfortable using a token-authenticated external conversion service. Avoid using it for confidential slide decks unless your organization permits MinerU/OpenDataLab processing that content, and protect MINERU_TOKEN like any other API credential.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly supports converting local files and remote URLs through a token-authenticated third-party service, but it does not clearly disclose that presentation contents may be uploaded or transmitted off-host to MinerU. This creates a real data-handling and privacy risk because users may process sensitive slide decks under the assumption that conversion is local.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal