News To Markdown
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is coherently designed to fetch article URLs and convert them to Markdown, but users should verify the external npm package it runs and be mindful of web-fetching and local file-output behavior.
This appears safe for its stated purpose if you trust the pinned npm package and use it on intended article URLs. Before installing, verify the upstream package source, avoid regular use of the npx range-based fallback, and choose output folders carefully when saving Markdown or downloading images.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill may require running third-party npm code in the local agent environment.
The skill runs a separately installed npm package as its main engine. It is pinned and disclosed, and approval is required, but the package code itself is external to the provided artifacts.
"preinstall": "npm install -g news-to-markdown@3.3.1", "requiresApproval": true, "riskReason": "Skill 插件路径在进程内 require() 已安装的第三方 npm 包,存在供应链风险。使用前请审计源码并显式安装固定版本。"
Install only the pinned version from the expected npm/GitHub source, avoid the range-based npx path for regular use, and review or trust the upstream package before use.
The agent can retrieve web pages and save content or images to local paths when asked to convert articles.
The documented workflow fetches user-supplied article URLs, can handle sites beyond the named platforms, and can write Markdown/images locally. This is purpose-aligned, but it is still a broad web-fetching and file-output capability.
其余平台走通用算法(Mozilla Readability),大多数文章均可正常提取。 ... `--url` | 文章 URL(必填) ... `--output` | 输出文件路径 ... `--download-images` | 下载图片到本地
Use it with trusted article URLs and explicit output directories, especially when downloading images or processing batches of links.