zustand-patterns
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- SAFE: The skill consists entirely of documentation and boilerplate code examples for Zustand, a widely-used and trusted React state management library.
- EXTERNAL_DOWNLOADS (SAFE): The provided code snippets reference standard, well-known libraries including 'zustand', 'react', and 'vitest'. No suspicious or unversioned external dependencies are introduced.
- DATA_EXFILTRATION (SAFE): The examples demonstrate standard frontend API interactions using relative paths (e.g., '/api/login'). No hardcoded credentials, sensitive local file access, or unauthorized network operations were detected.
- FALSE POSITIVE ALERT: The 'state.in' malicious URL alert is a false positive. In JavaScript development, 'state' is a common variable name, and the scanner likely misinterpreted property access on this variable as a TLD-based domain (state.in). There is no literal 'state.in' URL present in the skill content.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata