nuxt-ui-2
Pass
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: LOW
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The documentation suggests installing standard, trusted packages from Vercel (
ai,@ai-sdk/gateway,@ai-sdk/vue). These are well-known industry libraries for building AI-powered applications. - [PROMPT_INJECTION] (INFO): The AI chat example in
references/layouts/chat.mdincludes a basic system prompt ('You are a helpful assistant.'). This is a standard implementation boilerplate and does not contain instructions to bypass safety filters or reveal system prompts. - [COMMAND_EXECUTION] (LOW): The documentation contains shell command examples for package installation (e.g.,
pnpm add). These are illustrative and intended for developers setting up the environment, not for automated execution by an agent without oversight. - [DATA_EXFILTRATION] (SAFE): No evidence of hardcoded credentials, access to sensitive local files (like SSH keys or environment variables), or data exfiltration to unknown domains was found. Network calls are limited to standard API endpoints for chat functionality.
- [INDIRECT_PROMPT_INJECTION] (LOW): The chat and editor layouts handle untrusted user data. While the examples do not show explicit sanitization (which is typical for UI documentation), the surface is limited to standard UI rendering components like
<MDC>(Markdown) and<UEditor>.
Audit Metadata