Docs Feeder

Security checks across malware telemetry and agentic risk

Overview

This skill fetches documentation as advertised, but users should treat fetched web or local documentation as untrusted content.

Install only if you are comfortable with the agent making outbound requests to documentation sites you name or that the tool guesses. Prefer registry project names or trusted documentation URLs, avoid private/internal URLs, and treat fetched text as reference material rather than instructions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly supports fetching documentation by arbitrary URL and describes automatic discovery of documentation domains, but it does not warn users that requested URLs, query strings, or internal hostnames may be sent to third-party servers. In an agent context, this can expose sensitive project names, private endpoints, intranet URLs, or user intent through outbound requests, creating a real privacy and data-leakage risk even if the feature is otherwise legitimate.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal