markdown-to-html

Security checks across malware telemetry and agentic risk

Overview

This skill coherently converts user-provided Markdown to HTML using a local Python wrapper around pandoc, with no hidden credential use, persistence, or unrelated behavior found.

Install if you need local Markdown-to-HTML conversion and are comfortable with pandoc reading the Markdown, templates, CSS, metadata, and resource paths you provide. Use trusted custom templates/CSS and be careful with broad resource paths or embedded assets, because referenced local files can become part of the generated HTML output.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 87% confidence
Finding: The skill invokes shell commands (`python3 ...`, and indirectly `pandoc`) but does not declare any permissions for shell/code execution. This creates a transparency and policy-enforcement gap: an agent or reviewer may treat the skill as low-privilege while it actually performs command execution on local files and user-supplied paths. In this context, the skill also accepts file paths, templates, and CSS inputs, which increases the consequences of undeclared shell capability.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal