Markdown Canvas

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal markdown-rendering skill with some disclosure gaps around when it writes or presents converted content.

Before installing, treat this as a markdown export/presentation tool: use it only on documents you are comfortable rendering into a separate HTML file or showing in Canvas, check the output path before conversion, and avoid using it for private markdown unless you have reviewed or redacted the content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium (87% confidence)

Finding: The trigger phrases are broad enough to match many ordinary requests about rendering or displaying markdown, which can cause the skill to activate outside a narrowly intended scope. In an agent setting, overbroad activation increases the chance of unintended file handling or content publication workflows being invoked without the user explicitly asking for this specific skill.

Missing User Warnings

Medium (94% confidence)

Finding: The README recommends pushing rendered output to Canvas but does not warn that this republishes the markdown’s contents to another surface, which may expose sensitive data more broadly than the user expects. Because this skill is specifically designed for visual sharing and presentation, the lack of a disclosure or confirmation step materially raises the risk of accidental data exposure.

Vague Triggers

Medium (80% confidence)

Finding: The trigger phrases are broad enough to match generic requests such as 'display', 'share', or 'make pretty', which could cause the skill to activate outside its narrow markdown-to-HTML purpose. Overbroad activation increases the chance of unintended file processing and output generation, especially when combined with file read/write behavior.

Missing User Warnings

Medium (94% confidence)

Finding: The skill description explains how to run the converter but does not clearly warn that it creates a new HTML file on disk, next to the source file by default or at a custom path. This omission can lead to unexpected file creation or overwriting in user directories, reducing transparency around the side effects of using the skill.

VirusTotal

65/65 vendors flagged this skill as clean.