pinia
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (INFO): Documentation includes standard commands like 'npx nuxi' and 'npm install' for official libraries. Under the TRUST-SCOPE-RULE, these are downgraded to INFO as they originate from trusted organizations.
- Indirect Prompt Injection (INFO): The skill defines store patterns for handling data but includes no side-effect capabilities and explicitly recommends XSS prevention using 'devalue'.
- SAFE (SAFE): No malicious behaviors, obfuscation, or persistence mechanisms were detected.
Audit Metadata