pi-ppt

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward PI PowerPoint generator, but prompts and any selected document are sent to the configured PI service.

Install only if you trust the PI service and the PIPPT_BASE_URL you configure. Use scoped credentials, avoid exposing PIPPT_APP_SECRET in shared command lines or logs, and only pass documents or prompt text that you are comfortable sending to PI for processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium, 92% confidence
Finding
The skill encourages uploading local documents to an external API but does not clearly warn users that file contents will leave the local environment and be transmitted to a third party. This can lead to accidental exfiltration of sensitive, regulated, or proprietary data if users provide internal reports, PDFs, or presentations without understanding the privacy implications.

Missing User Warnings

Low, 84% confidence
Finding
The documentation requires an application secret in environment variables but provides no warning about secret handling, storage, or exposure risk. Users may embed secrets directly in shell history, logs, shared scripts, or screenshots, increasing the chance of credential leakage and unauthorized API use.

Missing User Warnings

Medium, 89% confidence
Finding
The script uploads arbitrary local files to an external service without an explicit privacy or data-handling warning at the point of use. In an agent skill context, this increases the risk that users provide sensitive documents without realizing they are leaving the local environment and being processed by a third party.

Missing User Warnings

Medium, 87% confidence
Finding
User-supplied content is transmitted off-box to a third-party API, but the script does not provide a prominent notice that this text leaves the system. In an assistant/skill setting, that omission can cause inadvertent disclosure of confidential prompts, business plans, or internal text.

VirusTotal

67/67 vendors flagged this skill as clean.
