nuxt-fonts
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation suggests using 'npx -y skilld search', which triggers a download of the 'skilld' package from the NPM registry. This package is not part of the 'nuxt-modules' namespace nor is it listed as a trusted vendor in the security configuration.
- [COMMAND_EXECUTION]: The skill provides specific command examples using 'skilld' to search through its internal documentation. This encourages the execution of untrusted third-party code that has not been verified for security.
Audit Metadata