vue-debug-guides
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill contains no attempts to override agent behavior, bypass safety filters, or extract system prompts. All instructional language is strictly technical, providing guidance on Vue.js development patterns.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or sensitive file paths were detected. Code snippets use generic placeholders and standard API endpoint examples. One file specifically addresses preventing data leakage in SSR environments, demonstrating a focus on security education.
- Obfuscation (SAFE): The content is presented in clear, plain-text markdown. No Base64-encoded instructions, zero-width characters, or homoglyph-based bypasses were found.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, well-known libraries in the Vue ecosystem (e.g., Pinia, Vue Router, VueUse). There are no commands that download or execute remote scripts (e.g., curl | bash).
- Privilege Escalation (SAFE): No commands related to acquiring elevated permissions or bypassing OS security controls are present.
- Persistence Mechanisms (SAFE): The skill does not attempt to modify system configuration files, shell profiles, or scheduled tasks.
- Indirect Prompt Injection (SAFE): The skill provides a static reference guide without any ingestion points for untrusted runtime data or exploitable execution capabilities. It does not contain self-referential text targeting the analyzer.
- Dynamic Execution (SAFE): There is no use of unsafe execution functions like eval(), exec(), or dangerous deserialization patterns in the provided examples.
Audit Metadata