nuxt-docs
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The `fetch.py` script uses `subprocess.run` to call `curl`. By passing arguments as a list rather than a single string, it avoids shell expansion and protects against command injection.
- [EXTERNAL_DOWNLOADS]: Fetches documentation from the official Nuxt repository on GitHub (github.com/nuxt/nuxt). This is a well-known source, and the content is retrieved over HTTPS and treated as raw data.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through ingestion of external Markdown data.
  - Ingestion points: Remote documentation fetched from GitHub in `fetch.py`.
  - Boundary markers: None used for documentation content.
  - Capability inventory: The skill can execute `curl` and write files to the local cache via `fetch.py`.
  - Sanitization: Requests are limited to a hardcoded whitelist of file paths, and content is not executed.
- [SAFE]: The skill validates all requested topics against a static whitelist dictionary. This ensures that only intended documentation files can be fetched and prevents path traversal vulnerabilities during local cache file operations.
Audit Metadata