Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
MD Table Image
v1.0.0Render markdown tables as PNG images. Use whenever you need to send a table in chat — render it as an image instead of raw markdown text.
⭐ 0· 528·0 current·0 all-time
by@kirorab
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code matches the stated purpose: a Node script renders markdown to HTML and screenshots it with puppeteer-core. However the project depends on puppeteer-core (which requires an existing Chrome/Chromium) but the SKILL metadata only declares 'node' as a required binary. The script also hard-codes an executablePath to a macOS Chrome binary ('/Applications/Google Chrome.app/...'), which is platform-specific and not reflected in the skill metadata (OS restriction: none).
Instruction Scope
The script builds an HTML document by inserting processed markdown directly into page content without escaping or sanitizing raw HTML. mdToHtml only converts some markdown constructs and will allow raw HTML lines through (formatCell does not escape '<' or '>'). That means arbitrary <script> or <img src=...> tags in input could run in the headless browser or trigger network requests. The code uses page.setContent(..., { waitUntil: 'networkidle0' }), which will wait for network activity—so external requests can occur. This broadens scope beyond simple local rendering and could be used to cause SSRF-like requests or exfiltrate data from the environment accessible to the browser process if untrusted markdown is rendered.
Install Mechanism
There is no install spec; the skill is instruction-only even though package.json and package-lock.json are included. The dependency is puppeteer-core (no bundled Chromium). That means an operator must provide a compatible Chrome/Chromium binary and run npm install to satisfy deps. Lack of an install step and the macOS hard-coded path may cause surprises or misconfiguration on non-mac systems.
Credentials
The skill does not request environment variables or credentials. The absence of declared secrets is appropriate for the stated purpose. Note, however, that the headless browser will have process-level access (filesystem, network) subject to the runtime environment—this is not expressed as required config but is relevant to risk.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges or modify other skills. It does not persist configuration or request long-lived access to agent settings.
What to consider before installing
This skill appears to perform the advertised function, but review and caution are recommended before installing. Key things to consider: 1) The renderer injects unsanitized HTML into a headless browser—do not feed untrusted markdown (or markdown that may include raw HTML) because scripts or remote-resource tags could run and trigger network requests. 2) The script hard-codes a macOS Chrome path and relies on puppeteer-core (no Chromium bundled), so you must ensure a compatible Chrome/Chromium is installed in a safe, sandboxed environment; on non-mac systems the path will fail. 3) The script launches Chrome with --no-sandbox which reduces process isolation; run it in an isolated container or VM if you must render untrusted content. If you plan to use this skill, either (a) sanitize or escape input before rendering, (b) remove/disable execution of raw HTML, or (c) run the tool in an isolated environment and update the executablePath to a managed Chromium installation. If you want me to, I can suggest code changes to properly escape HTML or to fetch a managed Chromium binary instead of using a hard-coded path.Like a lobster shell, security has layers — review code before you run it.
latestvk978z1rveptt0zs1ygjc9e3ew181qm50
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📊 Clawdis
Binsnode