GLM-V-PDF-to-PPT
Security checks across malware telemetry and agentic risk
Overview
The skill mostly matches its PDF-to-slides purpose, but one crop helper can write outside the intended output folder if given an unsafe name.
Use this skill for non-sensitive or appropriately handled PDFs, preferably in an isolated workspace. Before trusting it broadly, fix the crop filename handling so crop outputs cannot be written outside the intended crops folder.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted or poorly chosen crop name could create or overwrite a PNG file outside the presentation output folder.
When --name is supplied, it is not sanitized before being joined to out_dir. A name containing path separators such as ../ could cause the crop PNG to be written outside the intended crops directory.
```python
stem = name or _safe_stem(img_path)
filename = f"{stem}_crop.png"
out_path = os.path.join(out_dir, filename)
cropped.save(out_path, format="PNG")
```
Sanitize the provided name the same way as the default stem, reject path separators, and verify the resolved output path remains inside the intended crops directory before saving.
Installation depends on whatever package versions are current in the user’s Python environment.
PDF rendering and image cropping reasonably require these packages, but the packages are unpinned and the registry/install metadata does not declare an install spec.
Python packages (install once):
```bash
pip install pymupdf pillow
```
Install in a trusted or isolated environment and prefer pinned package versions if publishing or deploying this skill.
Sensitive PDF page content may be visible to the subagent used for cropping.
The skill intentionally passes selected page images to a subagent for crop-coordinate selection. This is purpose-aligned, but users should be aware that document content may enter another agent context.
You MUST delegate ALL cropping to a clean subagent using the Agent tool... A fresh subagent with only the target image produces much more precise coordinates.
Confirm that the configured Agent tool/subagent is acceptable for sensitive documents, and limit the subagent context to only the needed page image as the skill describes.
Private PDF content may remain on disk in generated presentation files and crops after the task finishes.
The skill stores derived document content locally as outline, crop images, slide HTML, and a summary. This is expected for the presentation workflow, but it persists content from the source PDF.
All output goes under `{WORKSPACE}/ppt/<pdf_stem>_<timestamp>/`... outline.json... crops/... slide_01.html... summary.md
Review and delete generated output and temporary page images when processing confidential documents.
