tauri
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill provides CLI instructions to install the Tauri toolchain using npm and cargo (e.g., 'npm install @tauri-apps/cli', 'cargo install tauri-cli'). These are standard for the framework's primary purpose but involve system-level commands.
- EXTERNAL_DOWNLOADS (LOW): The skill references external documentation mirrors (v2.tauri.org.cn) and the official GitHub repository. While standard, these are not on the predefined list of trusted external sources.
- PROMPT_INJECTION (LOW): The skill exhibits a surface for indirect prompt injection by directing the agent to process and follow instructions found in external subdirectories. 1. Ingestion points: Multiple markdown files within the 'examples/', 'api/', and 'templates/' directories (SKILL.md lines 16-68). 2. Boundary markers: Absent; no specific delimiters are defined to separate ingested content from system instructions. 3. Capability inventory: The agent generates commands, configuration files, and application code based on the ingested data. 4. Sanitization: No validation or escaping of the ingested content is specified.
Audit Metadata