ClawHub
Back to skill

Security audit

Markitdown Hosted Markdown Generator

Security checks across malware telemetry and agentic risk

Overview

This is a coherent hosted document-conversion skill, but users should avoid sending confidential documents or signed URLs unless they trust AgentPMT to process them.

Install only if you are comfortable using AgentPMT's hosted service for document conversion. Do not submit secrets, regulated data, private business documents, or internal signed URLs unless you have authorization and trust the provider's handling of that content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation keywords include very broad terms such as 'convert' and 'url', which are common in unrelated user requests. This can cause unintended tool selection and result in accidental transmission of user-supplied files or links to a remote service, especially because this skill performs hosted processing.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill describes conversion behavior but does not prominently disclose that files, URLs, and possibly sensitive document contents are sent to an external hosted service for processing. This weakens informed consent and increases the risk of users or downstream agents submitting confidential data to a third party unintentionally.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The schema describes sending either raw file contents or a public/signed remote URL to a hosted conversion service, but it does not warn users that document contents and referenced URLs will be transmitted to a third-party backend. This creates a real risk of unintended disclosure of sensitive files, secrets embedded in documents, or internal signed URLs, especially because the skill encourages broad document conversion workflows.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal