tanstack-db

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The instructional language is benign and focused on library usage.
  • Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file path accesses were detected. While the skill discusses LocalStorage and ElectricSQL (Postgres sync), these are intended library features and do not target unauthorized external domains or sensitive user secrets.
  • Obfuscation (SAFE): No use of Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques was found.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references '@tanstack/react-db', a well-known and reputable package from the npm registry. No suspicious remote script execution (e.g., curl|bash) or dynamic code execution patterns (eval/exec) were found.
  • Persistence Mechanisms (SAFE): The skill documents LocalStorage persistence, which is a standard browser feature and the primary purpose of the library module described. It does not attempt to persist access via shell profiles, cron jobs, or registry keys.
  • Indirect Prompt Injection (SAFE):
      • Ingestion points: Data is ingested via collection.insert() and collection.update() methods.
      • Boundary markers: Standard delimiters are used in code blocks; however, as a documentation skill, it does not explicitly define LLM boundary markers for runtime data.
      • Capability inventory: No dangerous capabilities like subprocess calls, file-system writes (outside of browser storage), or network requests to unknown domains were identified.
      • Sanitization: The skill explicitly recommends and provides examples for schema validation using Zod, which is a strong mitigation against malformed or malicious data ingestion.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 05:28 AM