ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Slides Cog

v1.0.15

AI presentation and slide deck generation powered by CellCog. Pitch decks, keynotes, business presentations, educational slides, investor decks — PDF or nati...

7· 4.5k·16 current·16 all-time
byCellCog@nitishgargiitd
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (slide and presentation generation) matches the instructions: the SKILL.md shows how to call the CellCog SDK to create PDFs/PPTX and other outputs. The guidance and examples are consistent with an AI-driven slide generator.
Instruction Scope
SKILL.md instructs the agent to call the cellcog client (create_chat) and to consult the cellcog skill for SDK details (file handling, chat modes, timeouts). The skill itself does not instruct reading arbitrary local files or exfiltrating data, but its referenced 'file handling' capabilities live in the cellcog skill and could allow broader file access depending on that skill's instructions.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes direct install risk (nothing is downloaded or written by this skill itself). SKILL.md lists a dependency on 'cellcog', which implies another skill or package is needed but no install instructions are provided here.
!
Credentials
This skill declares no required environment variables or primary credential, yet it delegates runtime work to the CellCog SDK/service. CellCog usage typically requires credentials or API keys (not declared here). That omission is a mismatch: users should expect to provide auth for the external service, and sensitive data may be transmitted to that service.
Persistence & Privilege
Skill flags show standard, non-persistent privileges (always: false, user-invocable: true, model invocation allowed). No config paths or persistence mechanisms are requested by this skill.
What to consider before installing
This skill is an instruction-only wrapper that calls the external CellCog SDK/service to produce slides. Before installing: 1) Review the separate 'cellcog' skill or SDK documentation to see what credentials (API keys, tokens) and file-access permissions it requires — this Slides Cog does not declare them. 2) Verify the publisher/source (homepage is cellcog.ai but registry source is unknown) and the CellCog service terms/privacy: generated slides and any uploaded content may be stored/processed by CellCog. 3) If you plan to use it with sensitive data, test in a controlled environment and confirm where files are uploaded/stored and whether data is retained. 4) Ask the provider for a manifest of required env vars and for explicit details about file handling and network endpoints; decline installation until those are disclosed if you need strict control over credentials or data exfiltration.

Like a lobster shell, security has layers — review code before you run it.

latestvk978tdbcmdqr1s321v38n9dczh84tdga

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📽️ Clawdis
OSmacOS · Linux · Windows

Comments