Slideshow Generator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a local presentation-content helper that saves entered text on the user's machine, with no evidence of credential access, network exfiltration, or destructive behavior.

Install only if local retention of presentation text is acceptable. Avoid entering secrets or highly confidential material, periodically review or delete ~/.local/share/slideshow-generator, and verify the actual CLI command points to this reviewed script because the install path is not specified.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium (86% confidence)
Finding
The broad activation language encourages use for many generic writing and content tasks beyond slideshow generation, increasing the chance that users route unrelated and potentially sensitive material into the skill. Because the skill also documents persistent logging, overbroad triggering materially expands the volume and sensitivity of data collected.

Missing User Warnings

Medium (97% confidence)
Finding
The skill explicitly states that user inputs are stored in local log files and can be exported, but it does not provide a clear warning about retention, sensitivity, or privacy implications. Users may unknowingly submit confidential presentation content, credentials, internal roadmaps, or client data that then persists on disk and becomes easier to retrieve or exfiltrate.

Missing User Warnings

Medium (92% confidence)
Finding
The script persistently records raw user input into files under ~/.local/share/slideshow-generator across many commands without explicit consent, retention limits, or sensitivity warnings. In the context of a tool advertised for drafting/editing slides, users may paste confidential presentation text, internal plans, or secrets, creating unintended local data exposure to other local processes, backups, support bundles, or anyone with access to the account.

Ssd 3

Medium (96% confidence)
Finding
The documented design centralizes all user-provided inputs into per-command logs, a unified history log, and exportable aggregate files, which creates a straightforward data leakage path. Even without overtly malicious code, search/export/status features make it easy for sensitive natural-language content to be enumerated, packaged, and exposed beyond the user’s original intent.

VirusTotal

66/66 vendors flagged this skill as clean.
