vueuse-functions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety guidelines were found. The files are strictly technical documentation.
- Data Exposure & Exfiltration (SAFE): While the documentation describes many network-related utilities (e.g.,
useAxios,useWebSocket,useFetch), the examples use standard testing endpoints or placeholders. No hardcoded credentials or sensitive file paths were detected. - Obfuscation (SAFE): No hidden or encoded content (Base64, zero-width characters, homoglyphs) was found. Content related to Base64 (
useBase64) is purely functional documentation. - Unverifiable Dependencies & Remote Code Execution (SAFE): The documentation lists standard peer dependencies for the library (e.g.,
axios,focus-trap). No suspicious remote scripts or piped bash commands were found. - Privilege Escalation (SAFE): No commands related to privilege escalation (e.g.,
sudo,chmod 777) were identified. - Persistence Mechanisms (SAFE): No attempts to maintain access across sessions were found.
- Metadata Poisoning (SAFE): Frontmatter and metadata in the markdown files are standard and descriptive of the library's organization.
- Indirect Prompt Injection (SAFE): The skill documentation describes utilities that handle user-controlled data (URL params, cookies, storage). While this defines an attack surface for applications built with these tools, the documentation itself is benign and does not contain malicious payloads.
- Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior based on time or environment triggers was detected.
- Dynamic Execution (SAFE): Utilities like
useScriptTaganduseWebWorkerFnare documented for legitimate browser API usage. No unsafe assembly of executable code from untrusted inputs was found.
Audit Metadata