yy-frontend-vue3-review
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to perform static code analysis on local Vue3 projects. It follows a well-defined workflow to identify modified files in the 'src' directory using git commands and reviews them against documented best practices.
- [SAFE]: No evidence of data exfiltration, remote code execution, or obfuscation was found. The skill includes security-focused checks, such as searching for hardcoded secrets and XSS risks, as part of its auditing process.
- [COMMAND_EXECUTION]: The skill utilizes
git diffandgit diff --cachedto identify modified files for review. These are standard operations for development tools and are restricted to retrieving filenames within the project repository. - [PROMPT_INJECTION]: The skill processes untrusted input in the form of code changes (Indirect Prompt Injection). This is an inherent property of code review tools. The risk is managed by the skill's specific instructions to provide structured, objective feedback and its limited scope of action (reading files and performing git operations).
Audit Metadata