Ppt Generator 1

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward HTML slide-deck generator, with the main caveat that generated presentations load fonts and styling from third-party CDNs.

Reasonable to install for generating minimalist HTML presentations. Before using it for sensitive or offline decks, review or replace the CDN links with local assets, and explicitly state your desired language, style, and slide constraints if you do not want the default Chinese Jobs-style vertical format.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding
The template loads executable and styling dependencies from third-party CDNs, which breaks the promise of a self-contained HTML output and introduces a supply-chain and availability risk. If the CDN content is changed, blocked, or unavailable, generated presentations may execute unexpected code, leak metadata through outbound requests, or fail to render at all.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger description is broad enough to activate on many generic presentation-related requests, which can cause the skill to intercept prompts outside its intended scope. In an agent environment, overbroad routing can lead to unintended instruction takeover, user confusion, and increased exposure to any unsafe behavior embedded in the skill.

Natural-Language Policy Violations

Medium
Confidence: 84%
Finding
The skill description hard-codes Chinese behavior without checking the user's language preference, which can cause incorrect or inaccessible outputs for users operating in other languages. While not a direct code-execution issue, it is a security-relevant quality problem because it can override user intent, reduce transparency, and make downstream review of generated content harder.

Vague Triggers

Medium
Confidence: 89%
Finding
The default prompt "请根据我的讲稿生成科技风PPT" is very broad and lacks boundaries on supported content, source trust, and output constraints. In an agent system, such generic activation text can cause over-triggering or generation from unsafe/unvalidated user input, increasing the chance the skill is invoked in unintended contexts and amplifying prompt-injection or misuse risks.

VirusTotal

50/50 vendors flagged this skill as clean.
