SVG.js — lightweight SVG manipulation & animation library.
Security checks across malware telemetry and agentic risk
Overview
This skill is documentation for using SVG.js and does not include executable code, credential access, hidden behavior, or persistence.
Safe to install as SVG.js reference material. If you copy its examples into a project, review any normal dependency addition such as installing @svgdotjs/svg.js, but the skill itself does not request special privileges or sensitive access.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.