svelte
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code examples for the Svelte 5 framework. All instructions and code samples are consistent with the stated purpose of educational guidance.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of official Svelte adapters from the '@sveltejs' organization. These are well-known and trusted sources for the framework's deployment functionality.
- [COMMAND_EXECUTION]: Provides standard developer commands for project initialization and deployment, such as 'npm install', 'npx sv create', and 'node build'.
- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized data transmission patterns were found. Examples demonstrate secure handling of session cookies and environment variables.
- [PROMPT_INJECTION]: The skill documents a potential surface for indirect prompt injection via the '{@html}' tag in 'references/sveltekit-routing.md'. 1. Ingestion points: Data is loaded from a database in '+page.server.ts'. 2. Boundary markers: Not present in the provided snippets. 3. Capability inventory: Rendering raw HTML content via '{@html}'. 4. Sanitization: Not explicitly shown in the code samples, as they focus on core framework routing features.
Audit Metadata