Markdown Linter
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: markdown-linter Version: 1.0.0 The skill is classified as suspicious due to its use of file system access (`fs.readdirSync`, `fs.statSync`, `fs.readFileSync`, `fs.existsSync`) in `index.js`. While this file access is plausibly needed for the skill's stated purpose of validating Markdown files, the instructions classify such capabilities without clear malicious intent as 'suspicious'. There is no evidence of intentional harmful behavior like data exfiltration, persistence, or prompt injection attempts in SKILL.md, but the broad file reading capability presents a potential vector for misuse if the agent is prompted to scan sensitive directories.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The tool may read and report paths or link targets from Markdown files in the selected workspace.
The skill recursively scans the chosen directory and reads Markdown files to validate links. This is purpose-aligned, but it can include private Markdown content if run from a broad directory.
async function scan(rootDir = '.') { const mdFiles = findMarkdownFiles(rootDir); ... const fileErrors = validateFile(file, rootDir); }Run it from the intended documentation workspace or pass a specific directory, and review the generated report before sharing it.