unocss
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (LOW): The documentation in `references/core-extracting.md` provides an example of using `fetch()` within the configuration to retrieve content for utility extraction. While this is a legitimate feature of the tool, it represents a potential network access point if configured with untrusted URLs.
- [REMOTE_CODE_EXECUTION] (LOW): The skill describes the use of dynamic rules and custom extractors that involve executing JavaScript logic (e.g., RegExp matchers and functions) during the CSS generation process. This is a core architectural feature of UnoCSS and is documented here for configuration purposes.
- [EXTERNAL_DOWNLOADS] (LOW): The documentation mentions automatic installation of icon sets (`@iconify-json/*`) and the use of CDNs (like `esm.sh`) for fetching assets. These are standard operations for the library's functionality.
- [INDIRECT_PROMPT_INJECTION] (LOW): As a tool that processes source code to extract CSS classes, UnoCSS has an ingestion surface for untrusted data. The documentation includes boundary markers (e.g., `@unocss-ignore`) to manage this, though the primary risk is inherent to the CSS extraction use case rather than the skill itself.