react-expert

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines a 'Memory Protocol' that requires the agent to execute the bash command 'cat .claude/context/memory/learnings.md' to retrieve context.
  • [PROMPT_INJECTION]: The instructions use high-priority directives such as 'Iron Laws', 'MANDATORY', and 'NEVER' to constrain model behavior, which are common patterns in prompt injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to analyze untrusted external data (React code).
      • Ingestion points: The skill reviews files matching **/*.tsx and **/*.jsx via the Read and Glob tools.
      • Boundary markers: There are no explicit delimiters or warnings defined to prevent the agent from following instructions embedded in the analyzed code.
      • Capability inventory: The skill environment provides the agent with powerful tools including Bash, Write, Edit, and Grep.
      • Sanitization: No sanitization or validation of the input code is performed before analysis.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 6, 2026, 09:13 AM