zustand-state
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious instructions, data exfiltration, or unauthorized command executions were found. All code snippets provide legitimate usage examples for the Zustand library.\n- [DATA_EXFILTRATION] (SAFE): No patterns of data exfiltration or credential harvesting were detected. The use of localStorage is for persistence, which is the intended purpose of the library's middleware.\n- [PROMPT_INJECTION] (SAFE): The skill documentation does not contain any instructions aimed at overriding agent behavior or bypassing safety filters.\n- [EXTERNAL_DOWNLOADS] (SAFE): There are no external downloads or remote script execution patterns.\n- [SAFE] (SAFE): The 'state.in' security alert is a false positive. The string 'state.in' is a substring of common property names like 'state.increase' or 'state.initialState' used throughout the documentation's TypeScript examples and does not indicate a connection to a malicious domain.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata