ClawHub

Axiom Markdown Link Auditor

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal Markdown link-auditing skill, with the main caution that its optional remote check contacts third-party URLs.

Install only if you are comfortable with a Markdown auditor reading the files you point it at. Leave remote checking off for private repositories or sensitive drafts unless you are willing for each external link to receive a request from your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill advertises file-reading and external link checking behavior, which implies filesystem access and outbound network requests, but it does not declare those permissions. Undeclared capabilities are dangerous because callers, policy engines, or reviewers may authorize the skill under a false assumption of lower privilege, reducing transparency and weakening least-privilege controls.

Tp4

High
Category
MCP Tool Poisoning
Confidence
77% confidence
Finding
The documented behavior does not match the reported code behavior: the skill allegedly omits core promised functions while performing additional parsing/reporting not described to users. This mismatch is security-relevant because operators may rely on it as a CI control for broken links or orphan detection when it does not actually provide those guarantees, creating a false sense of assurance; undocumented extraction of additional URLs can also trigger unexpected network access or data handling.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The README advertises an optional remote link check using HTTP HEAD requests, but it does not disclose that enabling this feature will contact external servers and reveal the checked URLs, source IP, user agent, and timing metadata. In a documentation-maintenance context this is a real privacy and network-safety issue, especially when repositories may contain private, internal, or pre-release links.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When --check-remote is used, the tool makes outbound HEAD requests to every HTTP(S) link found in the markdown. In a security-sensitive environment, this can leak network metadata, trigger requests to attacker-controlled URLs, or probe internal-only endpoints if untrusted markdown contains such links; the skill context increases concern because auditing untrusted docs is a realistic use case.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal