ClawHub

Markdown to Word Converter

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward local Markdown-to-Word converter, with normal file read/write behavior for that purpose.

Before installing or using it, confirm the exact Markdown input file and the intended .docx output path, especially if a file with that name already exists. Install python-docx only from a trusted package source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to read a user-specified Markdown file and process it, but the metadata shown does not declare any permissions. That mismatch is dangerous because it hides file-access capability from policy enforcement and user review, making unintended local file access more likely if the skill is invoked on ambiguous requests.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are broad enough that an agent could select this skill without a clearly identified source file, then infer or choose a file from context. In a file-conversion skill, that increases the chance of operating on the wrong document, causing unintended data exposure or modification of user workflows.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation describes creating an output .docx file but does not warn that the chosen output path may create a new file or overwrite an existing one. In an automated agent setting, omission of that warning is risky because users may not realize a conversion action performs persistent filesystem writes and could destroy an existing document.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal