tauri-v2-dev
Fail
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE]: The skill provides educational content and code examples that adhere to standard industry practices for Tauri development. While it includes examples of command execution and package installation, these are necessary for project setup and core functionality.
- [EXTERNAL_DOWNLOADS]: The documentation suggests installing legitimate packages from public registries (NPM and PyPI) and utilizing system-level package managers like Homebrew. These operations target well-known and trusted package sources.
- [PROMPT_INJECTION]: The guide describes an architecture for ingesting user data into AI memory frameworks (mem0) and vector databases (SeekDB), which constitutes an indirect prompt injection surface. (1) Ingestion points: Untrusted data enters the context through Memory.add and Collection.add operations. (2) Boundary markers: No specific delimiters are implemented in the code snippets. (3) Capability inventory: The guide includes examples of network fetching and command execution. (4) Sanitization: Input validation or filtering is not present in the educational code samples.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata