Web to Markdown

Security checks across malware telemetry and agentic risk

Overview

This skill openly turns user-provided web links into markdown using named third-party extraction services, with the main caution that submitted URLs may be shared externally.

Install this only if you are comfortable with provided URLs being sent to markdown.new or r.jina.ai. Avoid using it with private intranet links, authenticated pages, signed links, URLs containing tokens or secrets, or links whose existence should remain confidential.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to send user-supplied URLs to third-party services (markdown.new and r.jina.ai) but does not require warning the user or obtaining consent. This can expose sensitive URLs, internal endpoints, signed links, tokens embedded in query strings, or private document locations to external providers, creating privacy and data-handling risks.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal