Pub Mdconv
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This looks like a Markdown converter, but the artifacts describe a broad SkillBoss API tool that can call many unrelated services, including scraping, email, and SMS.
Install only if you intend to use a broad SkillBoss multi-provider API integration, not just a local Markdown converter. Use a dedicated API key, review every command before running it, avoid sensitive files unless you accept the external data flow, and do not run the referenced run.mjs helper unless you have verified its source.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user expecting a narrow document converter may instead grant access to a much broader external AI service.
The artifact presents itself as a Markdown/markitdown converter but then primarily documents a broad SkillBoss API gateway, which could cause users to underestimate the scope of what they are enabling.
description: "Convert documents and files to Markdown using markitdown..." ... "# SkillBoss" ... "One API key, 50+ models across providers"
Rename and describe the skill as a broad SkillBoss API integration, or split the Markdown conversion function into a narrow, clearly scoped skill.
The agent could be guided to use capabilities far beyond file conversion, such as scraping, storage, or communications, if the user does not carefully constrain it.
The skill exposes broad, generic API invocation through Bash/curl across many capability classes, including high-impact categories that are not bounded to Markdown conversion.
Call any model directly by ID ... Types: `chat`, `image`, `video`, `tts`, `stt`, `music`, `search`, `scraper`, `email`, `storage`, `ppt`, `embedding`
Limit documented commands to Markdown/document parsing, or add explicit user-confirmation requirements and scope limits for non-conversion actions.
Compromise or misuse of the SkillBoss API key could incur costs or perform actions across many supported providers and model types.
The required credential is not just for local Markdown conversion; it appears to unlock a broad multi-provider API surface.
Auth: `-H "Authorization: Bearer $SKILLBOSS_API_KEY"` ... "One API key, 50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more)."
Use a dedicated, least-privilege SkillBoss key if available, monitor usage, and avoid sharing a key that has broader account permissions than needed.
Sensitive documents, prompts, images, or audio may leave the local environment when using this skill.
The artifacts disclose that user content may be sent to HeyBossAI and routed to downstream providers, including examples involving audio data.
Base URL: `https://api.heybossai.com/v1` ... "providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more)" ... `"audio_data": "BASE64_AUDIO"`
Do not send confidential files or recordings unless you are comfortable with HeyBossAI and its downstream providers handling that data.
If a user tries to run `run.mjs` from another location, they may execute code that was not included in this review.
Several reference files include commands for a `run.mjs` helper, but the supplied package has no install spec or code file for that helper.
`run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3`
Use the documented curl commands or only run a helper script whose source and provenance you have verified.
