maravilla-frameworks-nuxt
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references official vendor packages and a trusted third-party library for its implementation. Evidence: Mentions @maravilla-labs/preset-nitro, @maravilla-labs/platform, and nanoid.
- [SAFE]: Implements a standard 3-step authentication contract using HttpOnly cookies and server-side validation in server/middleware/auth.ts, which is a best practice for web applications.
- [SAFE]: The skill includes code to ingest user data (Indirect Prompt Injection surface) but follows standard framework security patterns. Ingestion points: User-provided text in server/api/todos/index.post.ts via readBody. Boundary markers: Absent. Capability inventory: Write and list access to platform KV storage. Sanitization: Relies on standard Vue template interpolation which prevents common injection vulnerabilities like XSS.
Audit Metadata