ClawHub

Zhy Markdown2wechat

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Markdown-to-WeChat HTML converter, with the main caveat that it may run npm during conversion.

Install only if you are comfortable with a converter that may contact npm to install marked and juice at runtime. Use trusted Markdown and CSS inputs, pick an output path that will not overwrite important files, and run it from a directory where temporary .wechat-temp creation and deletion is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly instructs the agent to run a local Node.js script and create an output HTML file on the user's behalf. Even though the stated purpose is legitimate Markdown conversion, this expands the agent from passive guidance into direct command execution over user-supplied paths, which can cause unintended file reads/writes or execution of unreviewed local code if the skill package is tampered with or invoked without clear user consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script automatically runs `npm install` at execution time if dependencies are missing, which causes unreviewed network access and execution of package installation lifecycle scripts. Because the package names are hardcoded but fetched live, this creates a supply-chain risk and can execute attacker-controlled code if the registry, dependency resolution path, or package distribution is compromised.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal