Security Audit

markdown-slides

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned 3 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

markdown-slides received a trust score of 64/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 7 findings: 0 critical, 1 high, 2 medium, and 4 low severity. Key findings include Covert behavior / concealment directives, Missing required field: name, Potential Cross-Site Scripting (XSS) via Markdown to HTML conversion.

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.

Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

92%

Static Code Analysis

93%

Dependency Graph

100%

LLM Behavioral Safety

78%

Behavioral Risk Signals

Filesystem Write

2 findings

Dynamic Code

1 finding

Excessive Permissions

1 finding

Security Findings7

Severity	Finding	Layer	Location
HIGH	Potential Cross-Site Scripting (XSS) via Markdown to HTML conversion The skill converts untrusted markdown input into HTML, which is then embedded in a self-contained HTML file. If the markdown parser does not adequately sanitize or escape all user-controlled input (e.g., raw HTML tags, `javascript:` URIs in links/images, or event handlers), it could lead to Cross-Site Scripting (XSS) when the generated HTML file is opened in a browser. An attacker could inject malicious scripts to steal cookies, deface the page, or perform other malicious actions. This risk applies to the content of slides and potentially the presentation title if derived from user input. Implement robust HTML sanitization for all user-provided markdown content before converting it to HTML. Use a well-vetted markdown-to-HTML library that includes XSS protection, or ensure all generated HTML attributes and content are properly escaped. Specifically, disallow raw HTML, sanitize `javascript:` URIs, and escape all user-controlled text, including the presentation title.	LLM	SKILL.md:20
MEDIUM	Missing required field: name The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter.	Static	skills/sa9saq/markdown-slides/SKILL.md:1
MEDIUM	Potential Path Traversal in file saving The skill description indicates that the generated HTML file can be saved to a 'user-specified path'. If the underlying file writing mechanism used by the LLM does not properly validate or sanitize the provided path, an attacker could specify a path containing directory traversal sequences (e.g., `../../../../etc/passwd` or `../../../../var/www/html/malicious.html`) to write files to arbitrary locations on the system. This could lead to overwriting critical files, placing malicious content in web-accessible directories, or other unauthorized file system modifications. Ensure that any user-specified file paths are strictly validated and sanitized to prevent directory traversal. Restrict file saving to a designated, sandboxed output directory. Do not allow absolute paths or paths containing `..` sequences. The LLM's file writing tool should enforce these restrictions.	LLM	SKILL.md:69
LOW	Covert behavior / concealment directives HTML comment containing suspicious keywords Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/sa9saq/markdown-slides/SKILL.md:53
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/sa9saq/markdown-slides/SKILL.md:38
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/sa9saq/markdown-slides/SKILL.md:40
LOW	Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users.	Manifest	skills/sa9saq/markdown-slides/SKILL.md:49

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/8d1d466f40aa863d.svg)](https://skillshield.io/report/8d1d466f40aa863d)