ClawHub

Markdown to PPT (Smart Layout)

Security checks across malware telemetry and agentic risk

Overview

This is a normal Markdown-to-presentation skill with optional web image fetching that users should avoid for confidential decks unless they are comfortable sharing slide keywords externally.

Install in a normal trusted development environment, review the output directory before running, and keep --auto-images off for private or sensitive Markdown unless you have reviewed and sanitized the slide titles and image keywords that may be sent to Unsplash.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly supports automatic web image search/download and saving assets to local directories, but it does not clearly warn users before transmitting content-derived keywords to third-party services or modifying the workspace. This can leak sensitive document topics, pull untrusted remote content into the project, and create files unexpectedly, especially when `--auto-images` or interactive image generation/search flows are used.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example trigger '帮我做个融资路演 PPT' is broad natural language that overlaps with ordinary conversation, increasing the chance the skill is invoked unintentionally. In this skill, unintended invocation matters because it can lead to document processing, web searches, downloads, and local file generation without the user realizing a tool-enabled workflow has started.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When auto-images is enabled, the tool derives keywords from slide content and sends them to Unsplash over the network. If the source markdown contains confidential project names, customer names, internal topics, or other sensitive terms, those may be disclosed to a third party without clear consent or data-handling notice.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal