react-coding-standards

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to run development commands such as yarn lint and npm run lint, including their auto-fix variants. This is expected behavior for a tool designed to maintain code quality.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and analyze external code content.
    * Ingestion points: Code files and snippets provided to the agent for review (SKILL.md).
    * Boundary markers: Absent; the skill lacks instructions to use delimiters or ignore potential commands embedded within code comments or logic.
    * Capability inventory: The agent has the capability to execute shell commands (SKILL.md).
    * Sanitization: No sanitization of the input code is specified before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 04:35 AM