layui-vue3
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): No malicious behaviors, obfuscation, or privilege escalation patterns were found. The skill consists of Markdown documentation and UI code examples.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references the installation of the '@layui/layui-vue' package from npm. This is the primary purpose of the skill and uses the official library package.
- [PROMPT_INJECTION] (LOW): Identified a surface for indirect prompt injection (Category 8) because components like 'layer' render content provided by the user. Evidence: 1. Ingestion point: component content properties. 2. Boundary markers: absent. 3. Capability inventory: UI rendering via 'layer.open' and other components. 4. Sanitization: not specified in the examples.
Audit Metadata