sum2slides-lite Security Report — Low Risk | ClawSafe

25 /100

sum2slides-lite

对话总结成专业PPT，支持纯本地处理和可选飞书上传

This is a legitimate PPT generation skill with clearly documented optional Feishu upload functionality. The skill properly declares its capabilities and handles credentials appropriately through environment variables.

Skill Namesum2slides-lite

Duration57.5s

Enginepi

✓

Safe to install

The skill is safe for use. Users should only enable the optional Feishu upload feature if they trust the service, and should verify no environment variables are set if they want pure local operation.

Findings 3 items

Severity	Finding	Location
Low	Example API key in documentation Doc Mismatch credentials_management.md contains a hardcoded example API key 'sk_live_1234567890abcdef' at line 67. This is explicitly marked as an example of what NOT to do (wrong practice), not actual malicious code. `API_KEY = "sk_live_1234567890abcdef"` → This is educational documentation showing bad practices. No action needed.	`credentials_management.md:67`
Info	Destructive shell commands in documentation examples Doc Mismatch INSTALL.md:127 and INSTRUCTION_SCOPE_VISUAL.md:206 contain examples of 'rm -rf ~' and 'rm -rf /' commands. These are documented as dangerous examples to avoid, not actual execution. `rm -rf ~` → This is documentation about what NOT to do. The skill does not execute these commands.	`INSTALL.md:127`
Info	Subprocess usage for AppleScript WPS automation RCE core/wps_generator.py uses subprocess.run(['osascript', ...]) to automate WPS Office on macOS for PPT generation. This is legitimate functionality for WPS-based PPT creation. `subprocess.run(['osascript', script_file], capture_output=True, text=True, timeout=30)` → This is documented WPS automation functionality, not malicious code execution.	`core/wps_generator.py:53`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`WRITE`	`WRITE`	✓ Aligned	SKILL.md:36 declares file writing for PPT generation
Network	`READ`	`READ`	✓ Aligned	SKILL.md:46 declares optional feishu.enabled network activity
Shell	`WRITE`	`WRITE`	✓ Aligned	core/wps_generator.py:53 subprocess for WPS AppleScript - documented feature
Environment	`NONE`	`READ`	✓ Aligned	SKILL.md:11 'requires: env: []' - optional FEISHU_* vars correctly marked
Skill Invoke	`NONE`	`NONE`	—	No cross-skill invocation detected
Clipboard	`NONE`	`NONE`	—	No clipboard access found
Browser	`NONE`	`NONE`	—	No browser automation found
Database	`NONE`	`NONE`	—	No database access found

2 Critical 1 High 9 findings

💀

Critical Dangerous Command 危险 Shell 命令

rm -rf ~

INSTALL.md:127

💀

Critical Dangerous Command 危险 Shell 命令

rm -rf /

INSTRUCTION_SCOPE_VISUAL.md:206

🔑

High API Key 疑似硬编码凭证

API_KEY = "sk_live_1234567890abcdef"

credentials_management.md:67

🔗

Medium External URL 外部 URL

http://malicious.com

INSTRUCTION_SCOPE_VISUAL.md:214

🔗

Medium External URL 外部 URL

https://open.feishu.cn/open-apis/auth/v3/tenant_access_token/internal

SECURE_INSTALLATION_GUIDE.md:56

🔗

Medium External URL 外部 URL

https://open.feishu.cn

docs/OPERATIONAL_RISKS.md:186

🔗

Medium External URL 外部 URL

https://open.feishu.cn/open-apis

platforms/feishu/feishu_platform.py:19

🔗

Medium External URL 外部 URL

https://feishu.cn/file/

platforms/feishu/feishu_platform.py:156

📧

Info Email 邮箱地址

[email protected]

CHANGELOG.md:291

File Tree

39 files · 286.3 KB · 10233 lines

Python 18f · 5331L Markdown 18f · 4700L YAML 1f · 96L Text 1f · 88L JSON 1f · 18L

├─ ▾ 📁 config

│ ├─ 📋 config.yaml YAML 96L · 2.4 KB

│ └─ 🐍 settings.py Python 356L · 11.0 KB

├─ ▾ 📁 core

│ ├─ 🐍 base_generator.py Python 289L · 7.9 KB

│ ├─ 🐍 content_planner.py Python 395L · 13.3 KB

│ ├─ 🐍 pptx_generator.py Python 328L · 11.8 KB

│ └─ 🐍 wps_generator.py Python 439L · 14.2 KB

├─ ▾ 📁 docs

│ ├─ 📝 OPERATIONAL_RISKS.md Markdown 339L · 8.2 KB

│ ├─ 📝 PERMISSIONS.md Markdown 253L · 6.0 KB

│ ├─ 📝 PLATFORM_COMPATIBILITY.md Markdown 282L · 8.1 KB

│ ├─ 📝 SECURITY_GUIDE.md Markdown 322L · 6.5 KB

│ └─ 📝 USER_GUIDE.md Markdown 467L · 9.9 KB

├─ ▾ 📁 examples

│ └─ 🐍 basic_usage.py Python 50L · 1.1 KB

├─ ▾ 📁 platforms

│ ├─ ▾ 📁 feishu

│ │ └─ 🐍 feishu_platform.py Python 365L · 12.6 KB

│ └─ 🐍 base_platform.py Python 290L · 8.0 KB

├─ ▾ 📁 utils

│ ├─ 🐍 error_handler.py Python 307L · 9.1 KB

│ ├─ 🐍 file_utils.py Python 400L · 11.2 KB

│ └─ 🐍 logger.py Python 224L · 6.0 KB

├─ 🐍 __init__.py Python 307L · 8.5 KB

├─ 📝 capability_verification.md Markdown 123L · 3.4 KB

├─ 📝 CHANGELOG.md Markdown 345L · 8.3 KB

├─ 📋 clawhub.json JSON 18L · 593 B

├─ 🔑 credentials_management.md ⚠ Markdown 342L · 8.3 KB

├─ 📝 ENV_VAR_CLARIFICATION.md Markdown 34L · 1014 B

├─ 📝 install_mechanism.md Markdown 306L · 6.8 KB

├─ 📝 INSTALL_SPECIFICATION.md Markdown 253L · 5.5 KB

├─ 🐍 INSTALL_VERIFICATION.py Python 296L · 8.8 KB

├─ 📝 INSTALL_WITHOUT_SETUP.md Markdown 273L · 5.8 KB

├─ 📝 INSTALL.md Markdown 168L · 3.8 KB

├─ 📝 INSTRUCTION_SCOPE_VISUAL.md Markdown 240L · 9.4 KB

├─ 📝 instruction_scope.md Markdown 205L · 4.8 KB

├─ 🐍 quick_permission_check.py Python 130L · 4.7 KB

├─ 📝 README.md Markdown 265L · 7.6 KB

├─ 🐍 risk_confirmation.py Python 160L · 5.3 KB

├─ 📝 SECURE_INSTALLATION_GUIDE.md Markdown 262L · 6.1 KB

├─ 🐍 setup_info.py Python 137L · 3.9 KB

├─ 🐍 simple_sum2slides_test.py Python 250L · 7.9 KB

├─ 📝 SKILL.md Markdown 221L · 6.0 KB

├─ 🐍 sum2slides.py Python 608L · 20.7 KB

└─ 📄 VERSION.txt Text 88L · 2.0 KB

Dependencies 2 items

Package	Version	Source	Known Vulns	Notes
`python-pptx`	`>=0.6.21`	pip	No	Version constraint present
`requests`	`*`	pip	No	No version pinning - minor supply chain risk

Security Positives

✓ SKILL.md clearly documents optional network access with feishu.enabled=false by default

✓ Credentials are properly handled via environment variables (FEISHU_APP_ID, FEISHU_APP_SECRET) - no hardcoded credentials in actual code

✓ INSTALL_VERIFICATION.py includes security verification checks for subprocess, eval, exec patterns

✓ Documentation includes comprehensive security guidance and risk acknowledgment process

✓ No credential harvesting - skill only uses user-provided Feishu credentials for their intended purpose

✓ No base64 encoding, obfuscation, or anti-analysis techniques detected

✓ No access to sensitive paths like ~/.ssh, ~/.aws, or .env files

✓ Network requests only go to official Feishu API endpoints (open.feishu.cn)

✓ Includes safety confirmation prompts and risk acceptance records

✓ AppleScript execution is scoped to WPS automation with 30-second timeout protection

Scan Report

Findings 3 items

File Tree

Dependencies 2 items

Security Positives