svar-vue
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a comprehensive documentation set for the SVAR Vue library. All provided code snippets are instructional 'recipes' intended for developer use within Vue applications.
- [EXTERNAL_DOWNLOADS]: The components reference official vendor assets (e.g., SVG icons) hosted on
https://cdn.svar.dev/. This is standard behavior for the library's functionality. - [DATA_EXFILTRATION]: The documentation includes examples for
RestDataProviderwhich connects components to backend APIs (e.g.,/api/ganttorhttps://example.com/api). These are provided as templates for legitimate data persistence and do not involve unauthorized data collection. - [INDIRECT_PROMPT_INJECTION]: The skill documents components that ingest and render external data (tasks, comments, file paths). While this creates a potential surface for indirect prompt injection if an agent processes data rendered by these widgets, the documentation explicitly warns about using specific HTML rendering functions (
getQueryHtml) only in trusted contexts. This risk is inherent to UI libraries and is well-documented.
Audit Metadata