managing-tauri-app-resources
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard, reputable packages including '@tauri-apps/api' and '@tauri-apps/plugin-fs'. No suspicious or unverifiable third-party dependencies are requested.
- [COMMAND_EXECUTION] (SAFE): Bash commands used are standard development workflows for the Tauri CLI (
cargo tauri icon) and do not involve piped remote execution or arbitrary shell injection. - [DATA_EXFILTRATION] (SAFE): File system access is limited to the application's resource directory using the official
BaseDirectory::Resourceresolve pattern. There are no patterns suggesting data exfiltration or access to sensitive user directories (e.g., ~/.ssh). - [INDIRECT_PROMPT_INJECTION] (LOW): The skill demonstrates how to read and parse external resource files (JSON/text). While this constitutes a data ingestion surface, the snippets utilize safe deserialization via Serde (Rust) and standard JSON parsing (JavaScript). As this is a core framework feature, the risk is negligible in the context of development assistance.
- [PROMPT_INJECTION] (SAFE): The instructions are purely technical and do not contain any attempt to override agent instructions, extract system prompts, or bypass safety filters.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata