svelte5-showcase-components
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [CREDENTIALS_UNSAFE]: The documentation includes a usage example for a service card component that contains hardcoded placeholder credentials. * Evidence in examples/component-examples.md: The ServiceCard usage example includes a 'Password' field with the value 'secret123'.
- [COMMAND_EXECUTION]: The integration instructions suggest executing file copy commands using absolute local paths from the author's workstation which would not be valid on other systems. * Evidence in SKILL.md: Instructions suggest running 'cp -r /Users/dawiddutoit/projects/play/svelte/src/lib/components/ui/button ./src/lib/components/ui/'.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing various standard UI dependencies and using the shadcn-svelte CLI for component management. * Evidence in references/integration-guide.md: Lists dependencies like bits-ui@^2.14.4, lucide-svelte@^0.562.0, and tailwind-variants@^3.2.2 for installation.
Recommendations
- AI detected serious security threats
Audit Metadata