File to Markdown Converter
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent cloud file-conversion skill, but it tells agents to upload local or private documents to an external service without clear consent, sensitivity limits, or retention/privacy details.
Use this skill only if you are comfortable sending selected files or URLs to markdown.new/Cloudflare Workers AI. Avoid uploading confidential, regulated, credential-containing, or proprietary files unless you have permission and understand the service's privacy and retention behavior. Treat the generated Markdown as untrusted source content before adding it to memory, RAG systems, or automated workflows.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Confidential documents, spreadsheets, images, or other local files could leave the user's environment and be processed by a third-party service.
The skill explicitly instructs agents to send local/private/auth-gated file contents to an external provider for conversion, but the artifacts do not describe user confirmation, privacy handling, retention, or sensitivity limits.
API Base URL: https://markdown.new ... Use `/convert` only if: * File is local * File is private * File requires authentication to access
Require explicit user approval before uploading local/private files, document the provider's privacy and retention behavior, and warn users not to upload sensitive or regulated files unless they are authorized to do so.
If converted content is added directly to an agent's context, memory, or knowledge base, malicious or misleading document text could influence later AI behavior.
The converted Markdown is intended for AI/RAG use, including content scraped from webpages or uploaded documents, which may contain untrusted instructions or prompt-injection text.
Common AI workflows: * RAG ingestion pipelines * Knowledge base creation ... * Scrape webpage content into Markdown
Treat converted Markdown as untrusted data, strip or quarantine instructions from source documents, and avoid letting converted content override user or system instructions.
Users may have less information for deciding whether to trust the external conversion service with their files.
The skill has sparse provenance metadata while relying on an external hosted service. There is no code install risk in the supplied artifacts, but users have limited registry context for verifying the service/operator.
Source: unknown; Homepage: none
Verify the markdown.new service and its privacy terms before using it for important or sensitive documents.