PLS URL to Markdown

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward URL-to-Markdown helper; its network fetching and optional file output are expected for that purpose.

Install dependencies in an environment you control, fetch only URLs you intend to retrieve, avoid internal or sensitive pages unless that is deliberate, and choose output paths carefully when saving converted Markdown.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 93% confidence
Finding: The skill explicitly advertises fetching arbitrary URLs and optionally writing converted output to disk, but it provides no warning or guardrails about external network access, untrusted remote content, or local file creation. This can lead users or downstream agents to perform unintended outbound requests or persist unreviewed content without adequate consent or validation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal