shadcn-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No security issues detected. The skill consists exclusively of Markdown documentation used to guide the agent's analysis of React code. It does not contain any executable files or dangerous command-line instructions.
- [Indirect Prompt Injection] (SAFE): The skill is designed to process untrusted user-provided source code for review purposes. While this creates an ingestion surface for indirect prompt injection, the skill defines no exploitable actions or tools that could be hijacked by malicious content within the analyzed code. Evidence Chain:
  1. Ingestion points: User-provided React component source code.
  2. Boundary markers: Absent.
  3. Capability inventory: No tools, network ops, or file-writing scripts defined.
  4. Sanitization: Not applicable to reasoning-only instructions.
Audit Metadata