ClawHub

corespeed-slide

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate PowerPoint generator, but it runs slide files as executable code with broad local read/write access and does not clearly warn users about that trust boundary.

Install only if you are comfortable treating slide .tsx files as executable code. Use it with decks you or your agent created for the current task, avoid arbitrary downloaded TSX slide files, and prefer scoping Deno permissions to the specific input/assets and output path when running it. Consider installing Deno through a trusted package manager or verified installer instead of blindly running the curl-to-shell command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The script dynamically imports a user-supplied local TSX file, which executes that module's top-level code during import, not just reads a data structure. In this skill's context, slide files are expected to be provided by users or generated externally, so a malicious slide file can run arbitrary code with the script's Deno permissions and access local files or overwrite output.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The install instructions direct the agent or user to execute a remote installer script via `curl | sh` without verification, pinning, checksum validation, or an explicit warning. This creates a supply-chain execution path where compromise of the remote host, installer, DNS/TLS trust chain, or upstream distribution could lead to arbitrary code execution on the local system.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal