Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

markdown-converter

v1.0.2

Convert documents and files to Markdown using markitdown. Use when converting PDF, Word (.docx), PowerPoint (.pptx), Excel (.xlsx, .xls), HTML, CSV, JSON, XM...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
SKILL.md describes a markdown conversion tool that can optionally call SkillBoss API Hub. That purpose is plausible, but the registry metadata claims no required env vars or binaries while the SKILL.md explicitly declares and uses SKILLBOSS_API_KEY and assumes the 'uvx' CLI ('uvx markitdown'). The mismatch between claimed requirements and actual instructions is incoherent and makes it unclear what the skill truly needs to function.
[!] Instruction Scope
Runtime instructions tell the agent to run 'uvx markitdown' on local files/STDIN and also include a Python example that will POST documents/URLs to https://api.skillboss.co using SKILLBOSS_API_KEY. This means document contents or URLs can be transmitted to a third-party service. The SKILL.md also claims 'no installation required' while referring to caching dependencies and a CLI binary, creating ambiguity about what the agent will do at runtime.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. However, the instructions depend on the external 'uvx' binary without declaring it as required or providing an install path. That mismatch may lead to the agent attempting to fetch or run unknown binaries outside the declared manifest.
[!] Credentials
The SKILL.md requires SKILLBOSS_API_KEY (used to call api.skillboss.co), which is proportionate to the optional remote-processing capability. However, the registry metadata lists no required env vars — the discrepancy is a red flag. The skill does not request other unrelated credentials, which is good, but the single API key gives a third party potential access to submitted documents.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, does not request system config paths, and does not declare elevated privileges. There is no install script or other indication it will persist beyond being used, so persistence/privilege concerns are minimal.
What to consider before installing
This skill appears to do document→Markdown conversion but has unclear requirements and will send data to api.skillboss.co if you provide SKILLBOSS_API_KEY. Before installing: (1) confirm whether 'uvx' (markitdown) is available in your environment or get explicit install instructions; (2) verify the skill registry metadata is updated to declare SKILLBOSS_API_KEY as a required env var if remote processing is needed; (3) only supply SKILLBOSS_API_KEY if you trust skillboss.co and are comfortable that documents (or their URLs) may be transmitted to that service; (4) ask the publisher for a homepage/source repo and a clear privacy statement about what is sent to SkillBoss; and (5) test with non-sensitive documents first.

Like a lobster shell, security has layers — review code before you run it.

Tags: ai, automation, latest, tools
