nuxt-server
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides patterns for building server-side API routes that ingest and process untrusted data from HTTP requests, creating a surface for indirect prompt injection.
- Ingestion points: Multiple handlers in SKILL.md and templates/server/api/blog/index.get.ts use readBody, getQuery, and getHeader to retrieve user-controlled data.
- Boundary markers: The skill demonstrates validation techniques but does not include explicit markers (e.g., delimiters) for use in prompts where the ingested data might be processed by an LLM.
- Capability inventory: Handlers have the ability to perform database operations (D1 via Drizzle) and cloud storage writes (R2).
- Sanitization: The skill effectively promotes sanitization through the use of the Zod library for schema validation and manual regex filtering for query parameters.
Audit Metadata