skills/hairyf/skills/vitepress/Gen Agent Trust Hub

vitepress

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Category 1: Prompt Injection (SAFE): No instructions found attempting to override agent behavior or bypass safety filters. The markdown content is purely instructional regarding VitePress usage.
  • Category 2: Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were detected. References to API keys (e.g., Algolia search) use clearly labeled placeholders like 'YOUR_API_KEY'.
  • Category 3: Obfuscation (SAFE): No use of Base64, zero-width characters, homoglyphs, or other obfuscation techniques was found.
  • Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard community packages (sass, less, csv-parse) and provides installation instructions for documentation purposes. No automated or hidden remote script execution (e.g., curl|bash) is present.
  • Category 5: Privilege Escalation (SAFE): No commands involving sudo, chmod 777, or administrative privilege acquisition were detected.
  • Category 6: Persistence Mechanisms (SAFE): No attempts to modify shell profiles, cron jobs, or system services were found.
  • Category 7: Metadata Poisoning (SAFE): Skill metadata correctly reflects the purpose and source (VitePress/Anthony Fu) without deceptive content.
  • Category 8: Indirect Prompt Injection (SAFE): While VitePress can ingest external data (APIs, CMS), the skill provides standard development patterns for these features. It does not introduce new ingestion surfaces that would specifically target the agent's logic.
  • Category 9: Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior behind dates, environment variables, or other triggers was found.
  • Category 10: Dynamic Execution (SAFE): The skill explains standard VitePress build-time data loading and dynamic routing features. No unsafe use of eval() or runtime code injection was found in the provided documentation scripts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:18 PM