vue-expert
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or network communication patterns were identified.
- Obfuscation (SAFE): Content is clear-text markdown and plain text; no Base64, zero-width characters, or homoglyphs detected.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No package managers (npm, pip) or remote script execution (curl | bash) patterns are present.
- Privilege Escalation (SAFE): No commands requesting elevated permissions (sudo, chmod) or system modification patterns were found.
- Persistence Mechanisms (SAFE): No attempts to establish persistence via shell profiles, cron jobs, or startup services.
- Metadata Poisoning (SAFE): Metadata in the YAML frontmatter and localized descriptions accurately reflect the skill's stated purpose without deceptive instructions.
- Indirect Prompt Injection (SAFE): This skill is documentation-only and does not define an automated ingestion or processing pipeline for untrusted data. 1. Ingestion points: None (Static documentation files only). 2. Boundary markers: N/A. 3. Capability inventory: None. 4. Sanitization: N/A.
- Time-Delayed / Conditional Attacks (SAFE): No logic found that triggers behavior based on time, environment, or usage conditions.
- Dynamic Execution (SAFE): No use of eval(), exec(), or runtime code generation techniques.
Audit Metadata