v1.0.0

One-click tool that generates PPT screenshots and thumbnails and publishes them to WeChat, Mac version

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 6:30 AM.

Analysis

The skill mostly matches its PPT-to-WeChat purpose, but it requires WeChat account secrets and automatically creates WeChat materials/drafts with hardcoded article text, so it should be reviewed carefully before use.

Guidance: Use this only if you are comfortable giving it WeChat official-account credentials and having it upload generated PPT images/create a WeChat draft. Before running it, review config.json, verify the LibreOffice/Ghostscript paths, change the author/title text, test on a non-production account if possible, and avoid confidential PPTs unless uploading them to WeChat is intended.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
ppt2wechat.py
result = create_draft(access_token, article)
...
publish_wechat(config, work_dir)

The main flow proceeds directly to WeChat upload/draft creation after generating images, with no artifact-backed confirmation or preview gate before mutating the external account.

User impact: A single invocation can upload generated PPT images and create a WeChat draft/materials in the configured account.
Recommendation: Add an explicit review/confirm step before calling WeChat write APIs, and show the target account, image list, title, author, and draft content before upload.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
ppt2wechat.py
"title": Path(image_dir).name + "(无中缝,无水印,高清PPT,带教案)",

The WeChat draft title is automatically appended with promotional/claim-like wording that is not called out in SKILL.md.

User impact: The user may unknowingly create a WeChat draft whose title makes claims or marketing statements they did not intend.
Recommendation: Make the full title configurable and require the user to review the final title and article metadata before any WeChat upload or draft creation.

Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
ppt2wechat.py
subprocess.run(cmd, check=True)

The script runs local LibreOffice and Ghostscript commands for PPT-to-PDF and PDF-to-PNG conversion; this is central to the stated purpose and uses argument lists rather than shell strings.

User impact: The skill depends on local binaries and will execute the paths configured in config.json.
Recommendation: Verify that libreoffice_path and ghostscript_path point to trusted installations, preferably absolute paths, before running the skill.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
SKILL.md
brew install ghostscript
pip3 install pillow

The setup instructions rely on user-run, unpinned package-manager installs, and there is no install spec declaring these dependencies.

User impact: The security and exact versions of required tools depend on the user's package sources and local environment.
Recommendation: Install dependencies from trusted sources, consider pinning versions where practical, and declare required binaries/packages in the skill metadata or install spec.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
ppt2wechat.py
access_token = get_access_token(
    config["wechat_appid"],
    config["wechat_appsecret"]
)

The code consumes WeChat app credentials to obtain an access token for the official account, while the registry metadata declares no primary credential or required environment variables.

User impact: Providing these secrets lets the skill act on the WeChat official account for the API actions it performs, including material upload and draft creation.
Recommendation: Use a test or least-privileged WeChat app where possible, do not paste production secrets into general chat prompts, store and rotate the secret carefully, and ensure the credential requirement is explicitly understood before use.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
ppt2wechat.py
r = requests.post(url, files={'media': f}).json()

Generated image files are uploaded to WeChat API endpoints; this is aligned with the skill purpose, but it means local PPT content leaves the Mac.

User impact: Any sensitive information in the PPT pages can be transmitted to WeChat as uploaded images.
Recommendation: Use only with PPTs intended for WeChat, and review generated images before upload when the deck contains private or regulated information.