tracekit-vue-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection patterns or attempts to override agent behavior were detected. The instructions are focused on legitimate framework integration.
- [CREDENTIALS_UNSAFE]: The skill explicitly instructs users not to hardcode API keys in source code and provides placeholders for environment variables, following security best practices.
- [EXTERNAL_DOWNLOADS]: The skill references official vendor packages
@tracekit/vueand@tracekit/replayfrom the NPM registry. These are legitimate resources associated with the verified authortracekit-dev. - [COMMAND_EXECUTION]: The use of
npx tracekit-cliis a standard and documented method for interacting with the vendor's tooling for source map uploads. - [REMOTE_CODE_EXECUTION]: No dangerous remote code execution patterns, such as piping unknown URLs to a shell, were found.
Audit Metadata