ppt-agent
Audited by Socket on Apr 2, 2026
2 alerts found:
Anomaly x2
SUSPICIOUS: the skill’s overall purpose is coherent for presentation generation, and I do not see clear malware or credential theft behavior. The main risks are operational: autonomous subagent orchestration, broad file/script execution, and high indirect prompt-injection exposure in the web-research branch.
This appears intended as a legitimate HTML-to-PNG converter using Node.js/Puppeteer, but the security posture is dominated by two factors: (1) the Python writes and executes a temporary JavaScript helper whose actual contents are not shown in the fragment (unknown high-impact behavior), and (2) it can install puppeteer at runtime via npm install without version pinning/integrity enforcement in this module (supply-chain exposure). No explicit credential theft or exfiltration is evident in the Python fragment alone, but the helper execution makes malicious behavior possible.