react-hook-authoring-fix
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted source code which could contain malicious instructions embedded in comments or strings.\n
- Ingestion points: Hook file contents are read during Step 3 of the workflow.\n
- Boundary markers: Absent; there are no instructions to ignore natural language instructions within the code files.\n
- Capability inventory: The agent has file-writing capabilities (Step 5) and shell command execution capabilities (Step 6).\n
- Sanitization: No sanitization of code content is performed before processing.\n- [COMMAND_EXECUTION]: In Step 6, the skill executes the command
pnpm type-check && pnpm test. This is a standard developer workflow but constitutes an execution capability that relies on the integrity of the local project's configuration and scripts.
Audit Metadata