react-component-generator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8). It accepts untrusted user requirements and embeds them directly into code templates that are written to the filesystem. Without sanitization, a malicious user could inject code into the generated files.
  - Ingestion points: User-provided requirements in Step 1 of SKILL.md (Component name, props, type).
  - Boundary markers: Absent. No instructions exist to ignore instructions within the user data.
  - Capability inventory: Granted Write, Read, and Glob permissions via YAML frontmatter.
  - Sanitization: Absent. No validation or escaping is performed on user inputs.
- COMMAND_EXECUTION (MEDIUM): The skill performs dynamic script generation (Category 10) by assembling executable React/TypeScript files from templates. This increases the risk profile of the injection vulnerability.
Recommendations
- AI detected serious security threats
Audit Metadata