uniapp-project
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): Analysis of SKILL.md and documentation files shows no attempts to override agent behavior, bypass safety filters, or extract system prompts. The instructions are purely instructional and related to technical documentation.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, API keys, or sensitive file paths were found. All code examples use placeholder domains (e.g., example.com) and standard API patterns for developer reference.
- Obfuscation (SAFE): No evidence of Base64 encoding, zero-width characters, homoglyphs, or other techniques used to hide malicious logic. Some files contain encoding artifacts (mojibake) in comments, which are identified as benign translation noise.
- External Downloads & Remote Code Execution (SAFE): While the skill contains links to external documentation and JS SDKs (e.g., gitcode.com, dcloud.net.cn), these are provided as reference material for developers. The skill does not contain logic to automatically download or execute remote scripts at runtime.
- Persistence & Privilege Escalation (SAFE): The skill does not include any commands for modifying system startup files, shell profiles, or acquiring elevated permissions (sudo).
Audit Metadata