google-slides

The documented tool appears to be a legitimate Google Slides CLI integration with expected read/write capabilities and proper use of system keyring for token storage. The sole material security concern is the ambiguous mention of a 'Google's cloud function' used for automatic token refresh: if this is not an official Google endpoint or a clearly identified trusted service, it could result in refresh tokens or token refresh requests being forwarded to a third party, enabling credential exfiltration and account compromise. No explicit signs of malware or obfuscation are visible in the documentation itself. To reach high confidence, review the actual scripts (scripts/auth.py and scripts/slides.py) to confirm token refresh endpoints and flows, verify OAuth scopes, and ensure tokens never leave trusted boundaries.