Skills
skills/moostjs/atscript-ui/atscript-ui-tables/Gen Agent Trust Hub

atscript-ui-tables

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill provides documentation and instructions for a Vue table component library.
  • [COMMAND_EXECUTION]: The skill documentation includes standard installation commands using npx and pnpm. These are used to add skill-related dependencies and peer packages from the official AtScript and MoostJS ecosystem.
  • [EXTERNAL_DOWNLOADS]: The skill references official GitHub repositories (github.com/moostjs/*) and documentation sites (ui.atscript.dev). These are vendor resources consistent with the skill's authorship and purpose.
  • [PROMPT_INJECTION]: A static analysis hint regarding concealment was reviewed. The logic in references/actions-selection.md refers to UI-level filtering of row actions based on server-side availability flags, which is a standard access control feature and not a prompt injection attempt.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration. The skill describes interacting with specified API endpoints (/api/db/tables/*, /api/db/_presets) to perform legitimate operations such as fetching data and persisting user preferences.
  • [REMOTE_CODE_EXECUTION]: The skill mentions dynamic execution of style and attribute annotations via @atscript/ui-fns. These expressions are defined in the developer's schema (.as files) and run within a restricted sandbox scope, posing no risk of arbitrary remote code execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 01:05 PM