react-pdf
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The script writes to a local file ('./output.pdf') but does not access sensitive system paths (e.g., ~/.ssh, ~/.aws) or attempt to transmit data over the network.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The code utilizes a well-known, legitimate Node.js library for PDF rendering. It does not download or execute scripts from remote URLs.
- [Dynamic Execution] (SAFE): The script contains no dynamic code generation, unsafe deserialization, or runtime compilation of untrusted input.
Audit Metadata