effectorjs
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill. The content focuses entirely on documenting state management best practices for the EffectorJS library.
- [PROMPT_INJECTION]: The skill uses instructional language to guide the agent in state modeling but contains no attempts to bypass safety filters or ignore system prompts. Technical guardrails focus on library anti-patterns like avoiding 'watch' for business logic.
- [EXTERNAL_DOWNLOADS]: The reference materials mention standard library imports such as 'effector-react' and 'effector-vue', but there are no instructions to download external scripts or execute unauthorized binaries.
- [REMOTE_CODE_EXECUTION]: There is no evidence of dynamic code generation, remote script execution, or calls to eval/exec.
- [DATA_EXFILTRATION]: No commands for accessing sensitive local files (like SSH keys or environment variables) or sending data to external domains were detected.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or sensitive configuration data were found in any of the skill files or reference snippets.
Audit Metadata