markdown-to-word

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Markdown-to-Word converter with disclosed local file use and no evidence of hidden access, persistence, credential use, or exfiltration.

Install if you are comfortable with the skill reading the Markdown, template, metadata, and resource paths you provide and writing the DOCX output path you choose. Review output paths to avoid overwriting important files, use trusted templates and Markdown when possible, and make sure pandoc is installed.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill instructs the agent to invoke a shell command (`python3 scripts/markdown_to_docx.py`) and to read Markdown/template files and write DOCX output, but it declares no permissions for those capabilities. That mismatch is a real security issue because hidden or undeclared file and shell access weakens policy enforcement and user visibility, especially when user-controlled paths and Markdown content are passed into a conversion pipeline.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal