Markdown Validator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a local Markdown link checker with no evidence of network access, credential use, persistence, or hidden behavior.

This is reasonable to install if you want a local Markdown link checker. Run it only on files or folders you are comfortable scanning, because its output can include local file paths, link text, and broken-link URLs.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

Low

Confidence: 96% confidence
Finding: The provided manifest context says the skill 'Validates Markdown files for broken local links,' which is narrowly scoped to local link validation. In package.json, the description says it 'Checks markdown files for broken links and structural issues,' adding structural validation that is not reflected in the stated manifest purpose.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal