Feed To Md

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it fetches a user-provided public RSS/Atom feed and converts it to Markdown, with disclosed and tested limits on URLs and output files.

Install if you need RSS/Atom-to-Markdown conversion. Only provide feed URLs you intend to contact, choose output paths carefully because existing .md files may be overwritten, and review generated Markdown before using it as trusted context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3 (Medium)
Category: MCP Least Privilege
Confidence: 95%
Finding:
The skill clearly enables outbound network access to arbitrary feed URLs and can write Markdown files, but it does not declare corresponding permissions. Even though the documentation includes sensible security guidance, the undeclared capabilities create a trust and enforcement gap: a caller or platform may assume the skill is less privileged than it actually is. In this context, network access is especially sensitive because feed URLs are user-controlled and can become an SSRF primitive if the runtime or bundled script fails to enforce the documented public-IP restrictions.

VirusTotal

65/65 vendors flagged this skill as clean.
