Security audit

AI PPT Generator Local

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it runs local Python scripts to generate presentations through Baidu Wenku AI using a user-provided Baidu API key.

Install only if you are comfortable sending presentation topics, optional supplied content, and your BAIDU_API_KEY to Baidu's API. Avoid using it with sensitive, regulated, or proprietary material unless that third-party processing is acceptable, and make sure the runtime has the Python requests package available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 87%
Finding
The skill declares required environment variables and instructs execution of Python scripts that interact with an external API, but it does not declare corresponding permissions despite clearly needing env, shell, and network capabilities. This creates a transparency and policy-enforcement gap: users and platforms may not realize the skill can execute code and send data externally, increasing the risk of unexpected data exposure or unsafe execution.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill sends user-provided PPT topics/content to Baidu's external AI service and requires a BAIDU_API_KEY, but the description does not clearly warn users that their prompts may leave the local environment and be processed by a third party. This is a real privacy and consent issue, especially if users submit sensitive business, educational, or personal presentation content.

Missing User Warnings

Medium
Confidence: 92%
Finding
The script transmits user-provided query text and optional web_content to a third-party external API, but provides no explicit notice, consent step, or minimization before disclosure. If users paste sensitive business, personal, or proprietary content, that data leaves the local environment and may be stored or processed by the remote provider.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.