Oathe Security Badge

Is .curated/vitest safe?

https://github.com/pproenca/dot-skills/tree/master/skills/.curated/vitest

97
SAFE

This is a legitimate educational skill providing comprehensive Vitest testing framework best practices and patterns. The skill contains only documentation files with no executable code, poses no security risks, and successfully completed installation with normal behavior.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 95/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 98/100 · 5%

Findings (3)

INFO Large educational skill with extensive content -5

This skill contains 44 rules across 8 categories with comprehensive Vitest documentation. While legitimate, the large amount of content could potentially be overwhelming.

INFO System accessed sensitive files during audit -5

SSH authentication processes accessed canary files (.env, SSH keys, AWS credentials) during system login, but this appears to be normal system behavior unrelated to the skill.

INFO Comprehensive reference material -2

The skill provides extensive Vitest testing guidance which, while valuable, represents a large amount of reference material that could be overwhelming for some users.