react-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of instructions attempting to override agent behavior, bypass safety filters, or extract system prompts. The content is purely educational and technical.
- [DATA_EXFILTRATION]: No sensitive file access or unauthorized network operations were identified. The guidelines mention standard Web APIs like
localStorageandcookiesfor legitimate state management purposes. - [REMOTE_CODE_EXECUTION]: No patterns of downloading and executing remote scripts (e.g.,
curl | bash) were found. The documentation mentions standard CLI tools likenpx svgoas recommendations for local development. - [COMMAND_EXECUTION]: The skill does not contain executable scripts or instructions that would cause the agent to run dangerous shell commands. Mentions of shell commands are within code blocks as examples for the user.
- [OBFUSCATION]: No obfuscated strings, multi-layer encoding, zero-width characters, or hidden content were detected in any of the files.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or secrets were found. Example code uses generic placeholders.
- [EXTERNAL_DOWNLOADS]: All external links and references point to well-known technology documentation sites or trusted organizations, including Vercel, React.dev, and official GitHub repositories.
Audit Metadata