PopAI Powerpoint Slides

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its PopAI presentation purpose, but its runtime command points to a hard-coded developer path while handling API credentials and user files.

Install only after fixing or verifying the run command so it executes the packaged `generate_ppt.py` from the installed skill directory. Use a revocable PopAI API key, upload only files you are comfortable sending to PopAI/S3, and avoid confidential or regulated material unless that third-party processing and hosted output links are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill appears to use sensitive capabilities (environment access, file writing, and network access) without declaring any permissions. This creates a transparency and policy-enforcement gap: users and the platform cannot accurately assess or constrain what the skill can do, increasing the risk of unexpected data access, exfiltration, or filesystem modification. In this context, a presentation-generation skill may legitimately need network access and file writing, but undeclared capabilities still make the behavior more dangerous because file uploads and external API interaction can involve user documents and secrets.

Context-Inappropriate Capability

Medium
Confidence
84% confidence
Finding
The skill accepts an arbitrary output path and appends streamed event data to a local file without constraining the destination. In an agent environment, this can overwrite or pollute unexpected files, expose generated content or remote-returned data to sensitive locations, and create side effects outside the stated purpose of generating presentations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Local files are uploaded to PopAI-managed infrastructure and S3, including file contents, names, extensions, and MD5-derived identifiers, but the script provides no user-facing warning at the point of action. This creates a privacy and data-handling risk because users may supply sensitive documents without realizing they are being transmitted off-system to a third party.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The user's query and uploaded file URLs are sent to the remote PopAI API without explicit disclosure in the tool's runtime behavior. Because prompts and referenced documents may contain sensitive business or personal data, silent external transmission can cause privacy violations and unexpected data exposure.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly supports passing local files as references, but it does not warn the user that those files will be uploaded to PopAI and related external storage/services. This creates a real data exfiltration and privacy risk because users may provide sensitive documents under the assumption processing is local.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill returns external PopAI-hosted URLs for the generated PPT and an online view/edit link, but it does not disclose this hosting model up front. Users may unintentionally expose generated content to third-party hosting or share editable links without understanding the access implications.

VirusTotal

66/66 vendors flagged this skill as clean.
