Skills
skills/kingdee/kwc-skills/kwc-shoelace-vue/Gen Agent Trust Hub

kwc-shoelace-vue

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill consists entirely of markdown documentation and Vue 3 code examples for UI components.
  • [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration detected. Example code uses well-known testing services like httpbin.org for demonstration purposes.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns, unauthorized dependency installations, or dangerous shell commands were found.
  • [PROMPT_INJECTION]: No attempts to override agent behavior or bypass safety guidelines were detected in the skill instructions or metadata.
  • [INDIRECT_PROMPT_INJECTION]: The skill documents components like sl-x-markdown which process external data. The documentation correctly identifies security risks and highlights safety features such as escapeRawHtml, which is enabled by default to prevent cross-site scripting (XSS) and prompt injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 05:46 AM