veltra-ui
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Documentation Integrity. The skill serves as a technical reference library for the @veltra/desktop ecosystem. It provides accurate API signatures, type definitions, and code examples without attempting to override agent safety protocols.
- [SAFE]: Library Dependencies. Installation instructions and peer dependencies (such as @veltra/styles, @veltra/icons, and @cat-kit/core) are standard for modern frontend development and originate from the author's specified package namespace.
- [SAFE]: No Data Exposure. The skill does not access sensitive system paths (~/.ssh, ~/.aws) or contain hardcoded credentials. Examples involving inputs (like password or email fields) are provided for UI demonstration purposes only.
- [SAFE]: Indirect Input Surface. While components like URichTextEditor and UExpressionEditor process string data, they are documented within the context of standard web applications. No patterns were found that would facilitate indirect prompt injection or server-side exploitation.
- [SAFE]: No Execution Risks. The skill does not contain any remote script execution, obfuscated code, or unauthorized command line operations.
Audit Metadata