Is emcmillan80/qmd-markdown-search safe?

https://github.com/openclaw/skills/tree/main/skills/emcmillan80/qmd-markdown-search

Overall score: 87/100 (SAFE)

This skill provides documentation for qmd, a legitimate local markdown search tool. While it requires installation of external code and accesses user files, the functionality is transparent and appropriate for its stated purpose. No malicious behavior was detected during installation monitoring.

Category Scores

Prompt Injection 85/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 75/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (4)

MEDIUM External Code Installation -25

The skill instructs the agent to install external code from GitHub via 'bun install -g https://github.com/tobi/qmd'. While this appears to be a legitimate markdown search tool, it introduces supply chain risk.

LOW External URL References -10

The skill contains references to external GitHub repositories. While legitimate for documentation purposes, external URLs can potentially be vectors for prompt injection or redirection attacks.

LOW File System Access -10

The tool will access and index the user's markdown files as configured. While this is the intended functionality, it could potentially access sensitive information if misconfigured.

INFO Shell Command Instructions -5

The skill provides shell command examples that the agent may execute. These appear legitimate but increase the attack surface.