Exdoc Config

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation helper for configuring ExDoc, with only expected project configuration and documentation-build guidance.

Reasonable to install for ExDoc setup. Review proposed changes to mix.exs, dependency versions, generated output paths, and any custom HTML or JavaScript before publishing documentation, especially if analytics or clipboard behavior is added.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 84% confidence
Finding: This is a markdown file, so SQP-2 applies to missing warnings in the skill description. The section explicitly encourages injecting JavaScript for analytics and adds click-to-copy behavior, but does not warn that such scripts can affect user privacy, page behavior, or collect usage data depending on implementation.

VirusTotal

44/44 vendors flagged this skill as clean.

View on VirusTotal