Extract plain text from PowerPoint (.pptx) presentations using MinerU. Pulls readable text content from slides for easy reading and processing. Features: tex...
Security Analysis
medium confidenceThe skill is internally consistent with its stated purpose (using the mineru-open-api CLI and a MINERU_TOKEN) but the runtime instructions do not clearly state whether files are processed locally or uploaded to MinerU, so you should verify data-handling before sending sensitive documents.
Name/description match the declared requirements: the skill requires the mineru-open-api binary and an optional MINERU_TOKEN for full extraction, which aligns with extracting text from .pptx via the MinerU service/CLI.
SKILL.md gives concrete CLI commands and describes flash-extract (no token) vs extract (token required). However it does not state whether extraction runs locally or transmits files to a remote MinerU service/API. The instructions allow local file and URL inputs (expected), but lack explicit data-flow/privacy details—this is relevant if you will process sensitive slides.
Install methods are standard (npm package and go install from a GitHub repo). No arbitrary download URLs or extract-from-unknown-host steps are present in the metadata.
Only one credential (MINERU_TOKEN, declared as primary) is required which is proportional for a service-backed extractor. Bear in mind the token likely grants API access and could enable upload/processing of files by the remote service; the SKILL.md mentions where to create the token but does not describe token scope or expiration.
Skill is not always-on and is user-invocable. It requests no config paths and does not modify other skills or system-wide settings.
Guidance
This skill appears to do what it claims (calls the mineru-open-api CLI and optionally uses a MINERU_TOKEN). Before installing or using it with sensitive documents: 1) Confirm whether the mineru-open-api CLI processes files locally or uploads them to mineru.net (check the CLI source and MinerU privacy/API docs). 2) Inspect the npm package and the GitHub repository referenced to ensure the code matches your expectations. 3) Test with non-sensitive sample files first. 4) If you must use real data and the CLI uploads files, limit risk by using a least-privilege token, rotating it if possible, and reviewing MinerU's data retention/privacy policy. 5) If you cannot confirm local-only processing and data confidentiality is required, avoid sending sensitive slides to the service.
Latest Release
v0.4.0
SEO: expand description for better ClawHub vector search discovery
More by @mzlzyca
Published by @mzlzyca on ClawHub
