v0.1.5

Pitch Deck Visuals

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:31 AM.

Analysis

This instruction-only skill is consistent with its stated purpose of making pitch deck visuals, but users should be aware that it relies on installing, logging into, and sending deck-rendering inputs to an external inference.sh CLI service.

Guidance: This skill appears safe to install as an instruction-only pitch deck helper if you are comfortable using inference.sh. Before using it, verify the CLI installer, log in only with the intended account, review generated infsh commands, and avoid sending confidential pitch data unless the provider's privacy and retention terms are acceptable.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
curl -fsSL https://cli.inference.sh | sh && infsh login

The documented setup runs a remote installer script to add the external CLI. This is disclosed and user-directed, but the installer itself is not included in the reviewed artifacts.

User impact: Installing the CLI means trusting a remote script and a downloaded binary from inference.sh.
Recommendation: Use the manual install and checksum verification path if possible, and install only if you trust the inference.sh source.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
allowed-tools: Bash(infsh *)

The skill permits Bash use of any infsh command, not only the specific html-to-image examples. This is limited to the infsh CLI and fits the visual-generation purpose, but it is still a broad command surface.

User impact: If an agent generates an unexpected infsh command, it may do more than render the requested slide visual.
Recommendation: Review infsh commands before running them, especially commands beyond the documented rendering examples.
Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
SKILL.md
infsh app run infsh/python-executor --input '{\n  "code": "import matplotlib.pyplot as plt

One example uses an external Python executor to generate a market-size chart. Code execution is disclosed and aligned with chart generation, but users should treat it as executable code rather than static design advice.

User impact: Chart generation may execute Python code through the inference.sh service.
Recommendation: Only run generated Python-executor commands that you understand and that are limited to the intended visual output.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
infsh login

The skill expects the user to authenticate to the external inference.sh service. This is normal for the integration, but it gives the CLI access under the user's account.

User impact: Generated work may run under the user's inference.sh account and could use that account's permissions or billing.
Recommendation: Log in with the intended account, understand any usage costs or account permissions, and avoid sharing credentials with unrelated agents or tools.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Create investor-ready pitch deck visuals via [inference.sh](https://inference.sh) CLI.

The workflow sends rendering inputs such as HTML, chart data, and potentially pitch-deck content to an external provider. This is disclosed and purpose-aligned, but investor decks can contain sensitive business information.

User impact: Confidential fundraising, market, traction, or financial information could be submitted to the external rendering service if included in prompts or inputs.
Recommendation: Avoid sending confidential deck content unless you trust the provider and have reviewed its privacy, retention, and account terms.