nuxt-ui-component-finder
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Category 8: Indirect Prompt Injection (INFO): The skill possesses a minor indirect prompt injection surface typical of information retrieval tools.
- Ingestion points: Untrusted external documentation is ingested through MCP tools like
mcp_nuxt-ui_get-componentandmcp_nuxt-ui_get-documentation-page. - Boundary markers: Absent; the instructions do not define delimiters or specific 'ignore embedded instructions' prompts for the ingested data.
- Capability inventory: The skill is limited to reading and displaying information. No capabilities for file system modification, network exfiltration, or arbitrary code execution were identified across the instructions.
- Sanitization: No sanitization or validation of the fetched documentation content is specified.
Audit Metadata