react-devtools
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses
allowed-toolsto restrict the agent to only theagent-react-devtoolsCLI commands, minimizing potential misuse of the shell. - [DATA_EXFILTRATION]: The skill is designed to inspect React application internals, including state and props. While necessary for debugging, this data may contain sensitive information depending on the target application's design, which the agent then processes.
- [EXTERNAL_DOWNLOADS]: The documentation references the use of
npx agent-react-devtools initto configure the developer environment, which involves downloading the tool from the public npm registry. - [PROMPT_INJECTION]: The skill processes data from the React applications it inspects, creating a surface for indirect prompt injection.
- Ingestion points: Component names, props, and state values are read from the connected React application into the agent's context (SKILL.md).
- Boundary markers: There are no explicit instructions to use delimiters or ignore instructions when processing data from the application.
- Capability inventory: The agent is limited to using the
agent-react-devtoolstoolset as configured in the frontmatter. - Sanitization: No sanitization of the application data is specified in the skill's instructions.
Audit Metadata