扫描报告
5 /100
ppt-extract
Extract content from PowerPoint (.ppt, .pptx) presentations to Markdown using MinerU
This is a pure documentation skill (SKILL.md only) that describes how to use the legitimate open-source MinerU CLI tool for PowerPoint extraction. No execution code, scripts, or suspicious behavior present.
可以安装
No action needed. This skill is a thin wrapper around a documented open-source CLI tool with no hidden functionality.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | READ | READ | ✓ 一致 | SKILL.md: Only describes using mineru-open-api CLI which handles file reading |
| 网络访问 | READ | READ | ✓ 一致 | SKILL.md: Declares URL support for fetching remote .ppt files |
| 命令执行 | WRITE | WRITE | ✓ 一致 | SKILL.md: Documents CLI command execution (bash/go install, mineru-open-api extr… |
| 环境变量 | READ | READ | ✓ 一致 | SKILL.md: Declares MINERU_TOKEN environment variable usage |
2 项发现
中危 外部 URL 外部 URL
https://mineru.net SKILL.md:4 中危 外部 URL 外部 URL
https://mineru.net/apiManage/token SKILL.md:42 目录结构
1 文件 · 2.7 KB · 58 行 Markdown 1f · 58L
└─
SKILL.md
Markdown
安全亮点
✓ Single-file skill with no hidden scripts or executables
✓ All external tool usage documented (mineru-open-api CLI)
✓ Legitimate open-source project (MinerU by OpenDataLab/Shanghai AI Lab)
✓ Token-based API authentication properly documented
✓ No credential harvesting beyond documented MINERU_TOKEN requirement
✓ No network exfiltration or suspicious external communication
✓ No base64 encoding, eval(), or obfuscated code patterns
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)