Back to skill

Security audit

Web to Markdown Pro

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward web-page-to-Markdown helper, with expected network fetching and file output, but it relies on an external pip package that is not included in the reviewed artifacts.

Install only if you trust the `web2md` pip package, preferably in a virtual environment with a pinned version. Review the URLs, batch input files, and output directory before running it, especially when processing untrusted reading lists or writing into important folders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad enough that the skill could be invoked for loosely related requests such as general article saving, content extraction, or reading-list processing without clear user awareness that a URL fetch and file-writing action may occur. In an agent setting, over-broad activation increases the chance of unintended network access, processing of untrusted URLs, or writing output to disk when the user did not explicitly request this specific tool.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description does not clearly warn users that it will access remote URLs and may write converted content to local files or directories. In an agent environment, missing disclosure about network and filesystem side effects can lead to unintended data flow, accidental overwrites, or retrieval of attacker-controlled content without informed user consent.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.