frontend-dev-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is primarily educational and instructional, providing patterns for React development without executing any local scripts or commands.
- [EXTERNAL_DOWNLOADS]: The documentation references non-standard/unverifiable package names in
resources/complete-examples.md. - Evidence: In Example 5 ("Blog with Validation" and "Dialog with Blog"), the code imports
useBlogfromreact-hook-blogandzodResolverfrom@hookblog/resolvers/zod. These appear to be clerical errors or hallucinations of the popularreact-hook-formlibrary, which is used correctly elsewhere in the skill. These unknown packages represent a theoretical supply-chain risk if a user were to attempt to install them. - [PROMPT_INJECTION]: The skill establishes an indirect prompt injection surface through its primary function as a code-editing assistant.
- Ingestion points: The agent ingests untrusted developer requests and existing source code files when applying these guidelines.
- Boundary markers: The skill does not define explicit delimiters or instructions to ignore instructions embedded in code it processes (e.g.,
SKILL.md). - Capability inventory: The agent using this skill is expected to perform file-read and file-write operations on project source code.
- Sanitization: No explicit sanitization or validation of the ingested code or developer input is defined in the guidelines.
Audit Metadata