vue-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No attempts to override agent behavior or bypass safety filters were detected. The instructional language is standard for development guidelines.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or exfiltration patterns were identified. Code examples use safe, illustrative API endpoints for demonstration.
- Obfuscation (SAFE): The skill contains no encoded, hidden, or deceptive content intended to evade detection or bypass analysis.
- Unverifiable Dependencies & Remote Code Execution (SAFE): Recommended libraries (e.g., Pinia, VueUse, GSAP, TanStack Virtual) are well-established, trusted, and standard in the frontend ecosystem. No remote script execution patterns were found.
- Privilege Escalation (SAFE): No commands for escalating system privileges or modifying sensitive configurations were detected.
- Persistence Mechanisms (SAFE): No attempts to establish persistent access or modify shell startup files were identified.
- Indirect Prompt Injection (SAFE): The skill includes proactive security guidance for handling untrusted content using DOMPurify to prevent XSS vulnerabilities.
- Dynamic Execution (SAFE): Standard Vue.js render functions and template patterns are used correctly for their intended architectural purposes without introducing dynamic execution risks.
Audit Metadata