ClawHub

sawana-multicul/official-docs-to-mdx

Security checks across malware telemetry and agentic risk

Overview

This skill transparently converts a user-provided documentation URL into a local MDX file, with expected network and file-write risks that users should control carefully.

Install only if you are comfortable sending the source URL to markdown.new and letting the agent write or overwrite the destination path you provide. Use it for public or shareable documentation, review the output path before running, and ask the agent to list any .mdx or index.mdx files it plans to create or update.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill instructs the agent to execute a shell script with user-supplied arguments, but it does not declare permissions or otherwise surface that shell execution capability. This creates a transparency and policy-enforcement gap: agents or reviewers may treat the skill as lower risk than it is, even though it can invoke local shell tooling and perform downstream file and network operations.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description and notes do not prominently warn that execution will fetch arbitrary remote content from a provided URL and overwrite an existing output path. That omission can lead users or calling agents to supply sensitive paths or untrusted URLs without understanding the side effects, increasing the chance of unwanted network access, data clobbering, or ingestion of attacker-controlled content into local documentation stores.

Missing User Warnings

Low
Confidence
93% confidence
Finding
The script sends a user-supplied URL fragment to the external service markdown.new without any notice, confirmation, or restriction on what will be transmitted. In this skill's context, users may expect local conversion of docs, but the implementation forwards the requested target to a third party, creating a privacy and data-handling risk even if the URL is only embedded as a path component.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal