The skill deceptively modifies user files and executes
Claims to do
Markdown Formatter: Transforms plain text or markdown into well-structured, reader-friendly markdown. The goal is to help readers quickly grasp key points, highlights, and structure — without changing any original content.
Actually does
This skill reads a user-provided markdown or plain text file and optional `EXTEND.md` configuration. It executes a TypeScript script via `bun` or `npx` to format the content, generate frontmatter (title, summary), and apply typography fixes. The skill outputs a new formatted markdown file, an analysis file, and may back up existing formatted files using `mv`.
The skill executes external commands (`bun`, `npx`, `mv`, `date`) directly. The use of `npx -y bun` introduces a supply chain risk, as `npx` can download and execute packages from public registries, potentially leading to arbitrary code execution if a dependency is compromised.
${BUN_X} {baseDir}/scripts/main.ts, npx -y bun, mv "{filename}-formatted.md" "{filename}-formatted.backup-$(date +%Y%m%d-%H%M%S).md"The skill can modify original user files directly ('Typography fixes only' option) and uses `mv` for backups, allowing it to overwrite or delete existing files. This poses a risk of data loss or corruption.
Run typography script on original file in-place. No copy created, modifies original file directly., mv "{filename}-formatted.md" "{filename}-formatted.backup-$(date +%Y%m%d-%H%M%S).md"The skill's stated core principle of 'never add, delete, or rewrite content' is contradicted by its actual behavior. It explicitly adds frontmatter, generates titles/summaries, fixes typos, adds headings, converts prose to lists, and performs character-level typography changes (e.g., adding spaces, replacing quotes).
Stated: 'Never add, delete, or rewrite content.' Actual: 'Check/Create Frontmatter, Title & Summary', 'Fix obvious typos', 'Add headings', 'Extract parallel items from prose into lists', 'Bold key conclusions', 'Replace ASCII quotes with fullwidth quotes', 'Add CJK/English spacing'.
[](https://mondoo.com/ai-agent-security/skills/github/jimliu/baoyu-skills/baoyu-format-markdown)<a href="https://mondoo.com/ai-agent-security/skills/github/jimliu/baoyu-skills/baoyu-format-markdown"><img src="https://mondoo.com/ai-agent-security/api/badge/github/jimliu/baoyu-skills/baoyu-format-markdown.svg" alt="Mondoo Skill Check" /></a>https://mondoo.com/ai-agent-security/api/badge/github/jimliu/baoyu-skills/baoyu-format-markdown.svgSkills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.