ppt-translator

The ppt-translator skill documentation and manifest describe a plausible and coherent tool for translating PowerPoint (.pptx) files using external LLM providers. The primary security concerns are standard for cloud translation tools: sensitive slide content is sent to third-party APIs, and API keys in environment variables must be protected. There is ambiguity because provider implementations are not shown — the biggest risk would be if provider modules forwarded credentials or text to intermediaries rather than official provider endpoints. There are no explicit download-and-execute patterns, no evidence of obfuscation, and no requests for unrelated credentials. Recommended controls: verify provider implementations call official APIs over TLS, avoid using --keep-intermediate for sensitive decks, use short-lived or scoped credentials where possible, and inspect requirements.txt for untrusted dependencies before installing.