Skills
skills/secondsky/claude-skills/nuxt-ui-v4/Gen Agent Trust Hub

nuxt-ui-v4

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard, well-known packages from trusted organizations (e.g., @nuxt/ui, tailwindcss, zod, and ai-sdk). No unknown or suspicious external sources are used.
  • [COMMAND_EXECUTION] (LOW): The script scripts/check-versions.sh executes npm view to verify package availability. This is a benign utility function with no remote code execution risk.
  • [DATA_EXPOSURE] (SAFE): No hardcoded credentials or sensitive file path access were detected across the 27 files analyzed.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The chat interface components in references/chat-components.md and templates/composables/useAIChat.ts provide a surface for processing untrusted user input via LLMs. This is an expected feature for a chat-focused skill. 1. Ingestion points: readBody(event) in server/api/chat.post.ts. 2. Boundary markers: Absent in provided examples. 3. Capability inventory: Local command execution in check-versions.sh and network operations in useAIChat.ts. 4. Sanitization: Absent, which is typical for UI-focused templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:01 PM