Markdown.new Skill

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward URL-to-Markdown skill, with normal privacy and file-output cautions for a third-party conversion tool.

Install only if you are comfortable sending target URLs and fetched page content to markdown.new. Use it for public, non-sensitive pages, avoid URLs with secrets or private query parameters, do not override --api-url unless you trust the endpoint, and choose output filenames that will not overwrite important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding
The skill instructs the agent to perform network access to a third-party service and write fetched content to local files, but it does not declare any permissions to make those capabilities explicit. Undeclared network and file-write behavior weakens reviewability and policy enforcement, making it easier for an operator to invoke external requests or create files without clear consent boundaries.

Missing User Warnings

Medium
Confidence: 93%
Finding
The README explicitly states that user-supplied URLs are sent to the external service at markdown.new, but it does not warn users about the privacy and data-sharing implications of transmitting browsing targets and potentially sensitive query strings to a third party. In a skill intended for URL ingestion and AI workflows, this omission can cause accidental disclosure of internal, private, or token-bearing URLs.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script sends a user-supplied URL to the external service at markdown.new, which can disclose browsing targets, internal document locations, or sensitive query strings to a third party. In this skill's context, URL-to-Markdown conversion is the core behavior, so the transmission is expected, but the lack of an explicit warning/consent mechanism still creates a real privacy and data-handling risk if users provide confidential URLs.

VirusTotal

64/64 vendors flagged this skill as clean.
