Back to skill

Security audit

Markitdown Convert

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward document-to-Markdown converter that reads user-specified files and optionally writes a user-specified Markdown output file.

Before installing, be aware that this skill installs the MarkItDown optional dependency set and converts local documents you point it at. Use it for files you are comfortable processing locally, choose output paths deliberately, and only use the optional plugin flag if you trust the plugins available in your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.