scientific-slides

Fail

Audited by Socket on Feb 15, 2026

1 alert found:

Malware (HIGH)
SKILL.md

This skill's purpose and capabilities are consistent with creating AI-generated slide images and assembling presentations, but it relies on an external image-generation service and explicitly instructs uploading local files and prior slides to that service. That design is plausible for legitimate use but creates a meaningful data-exfiltration risk if users attach sensitive or proprietary figures (or if the underlying script calls an untrusted endpoint). There is no evidence of deliberate malware or obfuscation in the provided text, but the lack of explicit data-handling, retention, or privacy safeguards and the encouragement to attach arbitrary files make this skill SUSPICIOUS from a supply-chain/data-leak perspective. Recommend: review the actual scripts (generate_slide_image.py) to confirm the exact network endpoints, TLS usage, and data retention policies; and add explicit warnings to users about what not to attach and provide an on-premise/local generation option or privacy guarantees if possible.

Confidence: 70%
Severity: 45%

Audit Metadata

Analyzed At: Feb 15, 2026, 07:57 PM
Package URL: pkg:socket/skills-sh/davila7%2Fclaude-code-templates%2Fscientific-slides%2F@82e6db87ae73a95f2e683c973a80708532b355c2