svelte
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No malicious code or suspicious patterns were identified. The skill contains architectural guidelines and best practices for the Svelte framework.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation and source code from Svelte's official website and GitHub repository. These references are used for knowledge grounding and originate from well-known, trusted organizations.
- [PROMPT_INJECTION]: The skill analyzes Svelte source code, which represents an indirect prompt injection surface. (1) Ingestion points: .svelte, .svelte.js, and .svelte.ts files. (2) Boundary markers: None specified in instructions. (3) Capability inventory: The skill provides knowledge and coding patterns but does not utilize unsafe capabilities such as arbitrary command execution or system-level file writes. (4) Sanitization: Instructions explicitly advise on escaping user input when using the {@html} tag to prevent XSS.
Audit Metadata