Skills
skills/partme-ai/tauri-skills/tauri-ipc/Gen Agent Trust Hub

tauri-ipc

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill utilizes a template in templates/basic.md that incorporates user-controlled variables ({command}, {fields}, {file}, {policy}) without clear delimiters or sanitization. This creates an attack surface for indirect prompt injection where malicious input could influence the agent's output.
  • Ingestion points: templates/basic.md using variable placeholders.
  • Boundary markers: None present to distinguish instructions from user data.
  • Capability inventory: The skill generates IPC-related configuration and code snippets.
  • Sanitization: No sanitization or validation of the input variables is performed.
  • [EXTERNAL_DOWNLOADS]: Fetches official documentation and guidance from the Tauri project website (v2.tauri.app).
  • [EXTERNAL_DOWNLOADS]: The example code in examples/usage.md references a package named tauri-plugin-tauri-ipc. This is not an official Tauri plugin and its source is unverified, posing a risk if the package name is registered by an untrusted party.
  • Evidence: import { init } from 'tauri-plugin-tauri-ipc'; in examples/usage.md
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 02:15 PM