fusion-app-react-dev
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill acts as a comprehensive documentation and scaffolding tool for the Equinor Fusion Framework. It enforces best practices such as TypeScript strict mode and the avoidance of hardcoded secrets or credentials. All suggested external libraries are official Equinor packages.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to read and analyze local project files to discover conventions.
- Ingestion points: Reads configuration and metadata files (package.json, tsconfig.json, app.config.ts, app.manifest.ts) and application source code in the src/ directory.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands in project files are provided.
- Capability inventory: The skill generates and modifies source files, components, and hooks within the user's project directory.
- Sanitization: The skill does not perform sanitization of content read from the project's own files, assuming them to be trusted representations of the project's state.
Audit Metadata