Context-Inappropriate Capability
Medium
- Confidence
- 91% confidence
- Finding
- The skill explicitly instructs downloading remote images during document conversion, which introduces outbound network access and SSRF-style risk beyond a simple local Markdown-to-DOCX transformation. If untrusted Markdown contains attacker-controlled image URLs, the converter may contact arbitrary internal or external hosts, leak access metadata, or embed malicious content without clear user consent.
