Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
plsreadme
v0.4.0
Share markdown files and text as clean, readable web links via plsreadme.com. Use when someone asks to share a document, README, PRD, proposal, notes, or any markdown as a shareable link. Also triggers for "create a preview link", "share this as a page", or "make this readable". Requires the plsreadme MCP server (npx plsreadme-mcp).
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description align with the runtime instructions: the skill reads markdown (or accepts text) and publishes a public link via plsreadme.com. No unrelated credentials, binaries, or paths are requested.
Instruction Scope
SKILL.md explicitly instructs the agent to read local .md files and upload them to the plsreadme service (or accept text). That is consistent with the purpose, but it involves reading arbitrary files and transmitting their contents to an external, public endpoint — so the agent must confirm with the user before sharing sensitive content (the doc even notes links are public).
Install Mechanism
There is no formal install spec, but the README recommends 'npx -y plsreadme-mcp' which will fetch and execute code from the npm registry at runtime. npx executes remote packages (supply-chain risk). The alternative is a remote MCP URL (https://plsreadme.com/mcp), which means content and metadata will be sent to that external service. No homepage, repository, or package provenance is provided to validate the npm package or remote endpoint.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate to its stated task. However, the effective capability (read local files + upload to public site) can expose sensitive data if used without caution.
Persistence & Privilege
The skill does not request always:true or any elevated/persistent platform privileges. It's user-invocable and can be invoked autonomously per platform default, which increases impact if combined with external execution, but autonomy alone is not a new risk here.
What to consider before installing
This skill does what it promises (publish markdown as public links) but exercise caution before installing or running it:
- Verify the service and npm package: there is no homepage or repo in the skill metadata, and the README suggests running 'npx -y plsreadme-mcp' (npx will download and execute code from the npm registry). Inspect the package/source on npm or GitHub before running npx.
- Prefer the remote MCP URL only if you trust plsreadme.com; understand that uploaded content becomes a permanent public URL.
- Confirm with users before uploading any files or pasted text that may contain secrets or private information.
- If you must use npx, consider running it in a restricted environment or inspecting the package contents first rather than using '-y' to auto-accept.
If you can obtain the package repository or a verified homepage for plsreadme, re-run evaluation — that evidence would raise confidence and could change the verdict to benign.
Like a lobster shell, security has layers — review code before you run it.
