docs-sveltekit
Fail
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: CRITICAL
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation includes instructions for users to download core engine assets and plugins. All referenced URLs (e.g.,
https://cdn.img.ly/packages/imgly/cesdk-js/...) and repositories (github.com/imgly/*) are owned by the verified vendor, imgly. - [COMMAND_EXECUTION]: Documentation provides shell command examples for developers to set up their projects, such as
npm installandcurlfor asset management. These are educational placeholders for the end-user and are not executed by the skill itself. - [PROMPT_INJECTION]: The
SKILL.mdfile includes instructions to the agent to prefer local documentation over pre-trained knowledge. This is a standard optimization for documentation skills and does not attempt to bypass safety guidelines or override core agent behavior. - [DATA_EXPOSURE]: No sensitive credentials or private data were detected. Guidance provided in the documentation follows best practices, such as using
.envfiles for managing API keys for third-party AI services.
Recommendations
- CRITICAL: 8 infected file(s) detected - DO NOT USE
- Contains 8 malicious URL(s) - DO NOT USE
Audit Metadata