Security audit

Web Data Convertor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AgentPMT-hosted data conversion helper, with no local executable runtime or hidden persistence in the reviewed artifacts.

Install only if you are comfortable sending conversion inputs to AgentPMT. Do not submit secrets, credentials, private config files, regulated data, or sensitive personal data unless that external processing is approved. Treat converted Markdown and HTML as untrusted content and sanitize or validate links before publishing or rendering it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill metadata and description prominently market the converter but do not clearly warn users that submitted content is transmitted to a remote AgentPMT-hosted service. Because this tool is explicitly designed to process arbitrary user-provided text such as JSON, CSV, XML, YAML, HTML, and Markdown, users may unknowingly send sensitive data off-platform, creating a privacy and data-handling risk.

Missing User Warnings

Low
Confidence: 85%
Finding
The HTML-to-Markdown action accepts arbitrary HTML and promises to preserve links, but the schema does not warn that converted output may still contain unsafe URLs, deceptive links, or other untrusted content that downstream agents or users may treat as safe because it is now in Markdown form. In a data-conversion skill, that omission can encourage unsafe rendering or reuse of attacker-controlled content, though the issue is primarily a documentation/safety-guidance gap rather than direct code execution in this file.

Missing User Warnings

Low
Confidence: 91%
Finding
The Markdown-to-HTML action converts attacker-controlled Markdown into HTML, but the schema omits any warning that the output may contain active links or rendered untrusted content. In the context of a web-data conversion skill, users may pipe this HTML directly into webpages, previews, or email templates, increasing the chance of XSS-adjacent misuse or unsafe content rendering if sanitization is skipped.

VirusTotal

63/63 vendors flagged this skill as clean.