mdx-validator
Audited by Socket on Feb 21, 2026
1 alert found:
Security: [Skill Scanner] [Documentation context] Backtick command substitution detected

This skill is a local MDX validation and autofix utility for Fumadocs. Its commands and auto-fix behaviors are consistent with the stated purpose. There are no signs of network exfiltration, credential harvesting, or obfuscated/malicious code. The main risks are supply-chain-execution (using npx to run packages from npm) and potentially destructive in-place edits using broad sed regexes. Use with standard precautions (run on copies/branches, pin dev-dependencies) to mitigate these non-malicious but real risks.

LLM verification: [LLM Escalated] The mdx-validator concept is aligned with its stated purpose and appears largely benign. The primary concern is documentation-based commands that could trigger user-side installations or script execution. Treat as low-to-moderate risk due to potential user-driven actions; no active malicious behavior detected within the fragment itself.