PPTX to Text

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward PowerPoint text-extraction helper, but users should verify MinerU data handling before processing sensitive presentations.

Install only if you are comfortable using MinerU for PPTX extraction. Test with non-sensitive files first, review the mineru-open-api package/source and MinerU privacy/API terms, and avoid regulated or confidential presentations unless you have confirmed whether files are uploaded, retained, and protected appropriately.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill encourages use of a third-party tool/service for processing PPTX files, including local files and URLs, but does not warn users that document contents may leave the local environment. This creates a privacy and data-handling risk, especially if users submit sensitive presentations under the assumption that extraction is purely local.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal