ClawHub
Back to skill

Security audit

Md2pdf

Security checks across malware telemetry and agentic risk

Overview

This skill is a purpose-aligned Markdown-to-PDF helper; it has expected dependency and network needs, with a few transparency notes rather than evidence of abuse.

Before installing, expect this skill to run local conversion commands, read the Markdown file you provide, write PDFs/config files, and possibly install or download pandoc, Playwright/Chromium, and Mermaid-related assets. Review dependency commands in restricted environments and note that the uploaded artifact references a scripts/md2pdf.py converter that is not present in the inspected file list.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill enables Mermaid support and explicitly states that Mermaid.js may be automatically downloaded and locally cached, but it does not clearly warn users up front that enabling this feature can cause outbound network access. In an agent setting, hidden network activity can violate user expectations, leak environment metadata, or break offline/security-sensitive workflows.

Natural-Language Policy Violations

Low
Confidence
76% confidence
Finding
The skill instructs the AI to inspect the user's language environment (for example LANG=zh_CN) and automatically change installation guidance without explicit user consent. While the behavior is limited, it normalizes environment inspection and silent behavior changes, which can erode transparency and create privacy or predictability concerns in agent execution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.