ClawHub

html-ppt-zc

Security checks across malware telemetry and agentic risk

Overview

This appears to be a document-generation skill with proportionate behavior, though its generated HTML may load remote assets and users should choose output paths carefully.

Install only if you are comfortable with generated HTML potentially contacting third-party font/CDN providers when opened. Use a fresh output filename or backup important files first, and prefer an offline/local-assets mode if the skill offers one.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The template pulls fonts and other assets from third-party CDNs, which gives generated presentations network dependencies outside the stated local PPT/HTML generation scope. This enables external requests, privacy leakage, and supply-chain risk if a CDN resource is modified, unavailable, or blocked.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The generated HTML has unjustified external network capability because it automatically contacts Google Fonts and other remote origins during viewing. In a document-generation skill, this expands the trust boundary and can leak metadata such as viewer IP, access time, and usage patterns without clear need.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The documentation tells users to supply an output path for generated PPT/HTML files but does not clearly warn that an existing file at that path may be overwritten. This can cause accidental data loss, especially because the examples encourage direct writes to user-chosen filesystem locations.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal