academic-ppt

No explicit malware behaviors (credential theft, backdoor, or clear data exfiltration) are visible in the rendering/embedding logic. However, the module includes a high-impact arbitrary code execution capability: it writes received/generated Python code to a file and executes it on the host via subprocess, and the shown import-whitelisting safeguard is not demonstrably enforced on the execution path. Additional risk arises from external CLI rendering (mmdc) fed with generated Mermaid content and from insufficiently constrained filesystem path inputs (output_path/image_path/name). Before using with any untrusted or AI-influenced inputs, the execution path must be sandboxed/isolated and the whitelist must be enforced prior to execution, with strict path sanitization and output confinement.