format-markdown-mkdocs
AdvisoryAudited by VirusTotal on Mar 24, 2026.
Overview
Type: OpenClaw Skill Name: format-markdown Version: 1.0.0 The skill bundle is a markdown formatting tool designed to optimize content for MkDocs/Material rendering. It includes a Node.js script (scripts/format-structure.mjs) that uses standard markdown processing libraries (unified, remark) to adjust spacing around math, list, and table blocks. The workflow described in SKILL.md involves reading files, generating summaries, and performing file-system operations (backups and writes) that are entirely consistent with its stated purpose. No evidence of data exfiltration, malicious execution, or prompt injection was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the in-place mode is selected, the original markdown file may be changed directly.
The skill clearly discloses an option that changes the original file rather than writing only a separate formatted copy.
Structural fixes only - Run the structural compatibility script on the original file in-place - No copy created; modifies the original file directly
Use the formatted-copy option or keep version-control/backups when working on important files.
Users may not realize that using the skill can involve trusting and running bundled Node-based formatter code.
The registry presentation is under-declared because the skill ships runnable local code and package files despite being described as instruction-only.
No install spec — this is an instruction-only skill. Code file presence: 1 code file(s): scripts/format-structure.mjs
Review the bundled script and dependency files before installation, especially because the source and homepage are not provided.
Sensitive information from a source document could be duplicated into an additional local analysis file.
The workflow creates a persistent local analysis file containing summaries, highlights, formatting issues, and other derived information from the source document.
Save analysis to file: `{original-filename}-analysis.md`Avoid using the skill on sensitive documents unless you are comfortable with local sidecar analysis files being created, and delete those files when no longer needed.