typescript-react-reviewer

The skill comprises six markdown files (SKILL.md and five files in the references/ directory). Each file provides detailed guidelines, patterns, and anti-patterns for reviewing TypeScript and React 17 code, including specific advice for Redux, Redux-Saga, Ant Design 4, and Electron applications.

1. Prompt Injection: No patterns indicative of prompt injection were found. The instructions are clear, constructive, and focused on code review principles. There are no attempts to override the AI's safety guidelines or role.
2. Data Exfiltration: No commands or code snippets that would attempt to read sensitive files (e.g., ~/.aws/credentials, ~/.ssh/id_rsa) or send data to external servers (e.g., curl, wget, fetch to non-whitelisted domains) were identified. References to Sentry.captureException or util.sensorsData.track are within code examples meant for the reviewed application, not for the skill itself to execute.
3. Obfuscation: No obfuscation techniques (Base64, zero-width characters, homoglyphs, URL/hex/HTML encoding) were detected in any of the files. The content is plain text markdown.
4. Unverifiable Dependencies: The skill itself does not install or execute any external dependencies. It references various libraries and tools (e.g., ahooks, TanStack Query, Sentry, electron-store, @ant-design/icons, moment) as part of the knowledge domain for code review. These are not dependencies that the AI agent would download or run.
5. Privilege Escalation: No commands like sudo, chmod, or other system-level modifications were found. The skill is purely informational.
6. Persistence Mechanisms: No attempts to establish persistence (e.g., modifying .bashrc, crontab, LaunchAgents) were detected.
7. Metadata Poisoning: The name and description fields in SKILL.md are benign and accurately reflect the skill's purpose. No malicious instructions were hidden in metadata.
8. Indirect Prompt Injection: While the skill's purpose is to review code, it does not instruct the AI to execute that code. The risk of indirect prompt injection would arise if the AI were to process and then execute untrusted code, but this skill does not facilitate or instruct such behavior. It merely provides a framework for analysis.
9. Time-Delayed / Conditional Attacks: No conditional logic based on time, usage, or environment was found.

In conclusion, this skill is a static knowledge base. It provides valuable information for code review but does not contain any active components that could be exploited.