pptx

Warn

Audited by Socket on Feb 22, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:

- [HIGH] supply_chain: Installation of third-party script detected (SC006) [AITech 9.1.4] (this finding is reported 8 times)

This skill's documentation and described workflows are functionally appropriate for PPTX creation and editing, but there are moderate supply-chain and privacy risks. The main concerns are:

1. repeated instructions to read entire files (could expose sensitive information unintentionally),
2. execution of multiple local scripts without integrity/pinning or sandboxing, and
3. broad global installs (npm -g) and Playwright/browser artifact downloads that perform unpinned network operations.

There is no direct evidence of malicious code or credential harvesting in the provided documentation, but the combination of download-execute patterns, global installs, and unconstrained file reads raises a meaningful supply-chain and data-exposure risk. I recommend: run installs in isolated environments (containers/virtualenvs), avoid global -g installs, pin versions and verify checksums, and only read the parts of files required for the user's request.

LLM verification: No direct malicious behavior (exfiltration, backdoor, obfuscation, or embedded exploit) is present in this SKILL.md. The main risk is supply-chain and host-impact: the file instructs unpinned, global installs (npm -g, pip, apt-get) and mandates running external system tools. Those download-and-execute patterns increase risk (package compromise, unwanted changes to host) and the guidance to 'NEVER set any range limits' when reading large files increases data-access surface. Recommend: require pin

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 22, 2026, 02:10 PM
Package URL
pkg:socket/skills-sh/panaversity%2Fclaude-code-skills-lab%2Fpptx%2F@744bc44ba6edd58d6376374206be1fd4b1c8697d