react-component-generator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted user input while having access to high-privilege tools.
- Ingestion points: User requests triggered by phrases like 'react component generator' or 'react generator' (SKILL.md).
- Boundary markers: The skill definition lacks delimiters or explicit instructions to ignore embedded commands within user data.
- Capability inventory: The skill has permission to use 'Bash(cmd:*)', 'Write', and 'Edit' tools, enabling arbitrary command execution and file system modification.
- Sanitization: No input validation or sanitization logic is present to filter malicious instructions from user context.
- [COMMAND_EXECUTION]: The skill requests 'Bash(cmd:*)' permissions in the allowed-tools configuration, which grants the ability to execute any shell command. This broad permission increases the potential impact of a successful prompt injection attack.
Audit Metadata