templ-components
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Instructional Content (SAFE): The skill consists entirely of documentation and code snippets intended for developer guidance. No malicious logic or hidden commands were detected.
- Data Exposure & Exfiltration (SAFE): No access to sensitive file paths, environment variables, or hardcoded credentials. All external links point to official documentation (templ.guide and pkg.go.dev).
- Remote Code Execution (SAFE): The skill does not download or execute remote scripts. It provides static Go/Templ code examples for learning purposes.
- Indirect Prompt Injection (SAFE): The skill does not ingest external data or provide tools with side-effect capabilities. It provides patterns that prioritize type safety and explicit prop definitions.
- Security Awareness (INFO): The documentation explicitly warns that components implemented manually in Go (via templ.ComponentFunc) require the developer to handle HTML safety and escaping, which is a positive security practice.
Audit Metadata