pinia-skilld
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill's description contains instructional text advising the agent to 'ALWAYS use when writing code importing "pinia"'. This is interpreted as a task-specific constraint for developer assistance rather than an attempt to bypass safety guidelines or override system instructions.
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for users to install the library via standard package managers (npm, yarn, pnpm, bun) and references official repositories under the 'vuejs' GitHub organization. These are standard educational references for developers and do not involve the agent downloading or executing untrusted code.
- [DATA_EXFILTRATION]: No patterns associated with sensitive data exposure or exfiltration were found. Code snippets provided in the documentation use benign placeholder strings (e.g., 'the cake is a lie') and standard browser APIs for state management (e.g., localStorage).
- [REMOTE_CODE_EXECUTION]: The skill consists exclusively of markdown documentation and contains no executable scripts or commands that would lead to remote code execution in the agent's environment.
Audit Metadata