uniapp-project
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly limited to technical documentation and development guidance.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized data exfiltration patterns were detected. Network API examples (e.g.,
uni.request) use standard placeholders likehttps://api.example.com. - Obfuscation (SAFE): No Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques were found in any of the 167 analyzed files.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not install external packages or execute remote scripts. Reference documentation for the
web-viewcomponent includes links to official SDKs (e.g., WeChat JSSDK, Baidu Smart Program SDK) from trusted providers, which is appropriate for its educational purpose. - Privilege Escalation (SAFE): No commands related to privilege escalation (e.g.,
sudo,chmod 777) or administrative overrides were identified. - Persistence Mechanisms (SAFE): No attempts to establish persistence, such as modifying shell profiles or creating scheduled tasks, were found.
- Dynamic Execution (SAFE): The skill provides static code examples. It does not generate or execute dynamic code based on untrusted input.
Audit Metadata