react-component
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The prompt instructions focus on assuming the persona of a React expert. No instructions were found that attempt to bypass AI safety filters or override system-level instructions.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, API keys, or access to sensitive file paths were detected. The usage of the fetch API in the examples is limited to generic template code for components and hooks.
- [Remote Code Execution] (SAFE): The skill does not perform any external downloads, package installations, or piped shell executions.
- [Indirect Prompt Injection] (LOW): As a code generation tool, it ingests user requirements to produce React components. While this creates a surface for indirect prompt injection via user-supplied content, the skill itself provides standard, safe boilerplate and boundary markers are not applicable to this static template format.
- [Persistence & Privilege Escalation] (SAFE): No commands related to system persistence or privilege escalation (e.g., sudo, crontab, registry modification) are present.
Audit Metadata