vitepress-tutorial
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it reads and processes untrusted source code during analysis.
- Ingestion points: Phase 2 (Deep Analysis) uses an Explore agent to read files in the target source directory.
- Boundary markers: Absent; no specific delimiters are used to separate untrusted source code from agent instructions.
- Capability inventory: The skill performs directory creation, file writing, and shell command execution (
pnpm install). - Sanitization: Absent; the skill does not sanitize or validate external source code content before processing it.
- COMMAND_EXECUTION (LOW): The skill executes
pnpm installto set up the VitePress environment. This is a primary intended function and uses theonlyBuiltDependenciesconfiguration to mitigate risk. - EXTERNAL_DOWNLOADS (LOW): Standard documentation packages (
vitepress,mermaid) are downloaded from the npm registry as part of the expected workflow.
Audit Metadata