Skills
skills/reactjs/react.dev/write/Gen Agent Trust Hub

write

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill's architecture creates a surface for indirect prompt injection by aggregating data from untrusted external sources and passing it to a writing agent.
  • Ingestion points: Data enters the system through web search results in Step 2 (Agent 3) and React repository analysis in Step 2 (Agent 1).
  • Boundary markers: Absent. The prompt template in Step 4 interpolates external research findings directly into the writing instructions without using delimiters (like XML tags) or providing 'ignore embedded instructions' warnings to the subagent.
  • Capability inventory: The skill has the ability to create and modify documentation files in 'src/content/' and update navigation configuration files like 'sidebarLearn.json'.
  • Sanitization: No sanitization, escaping, or validation logic is applied to the researched content before it is used to generate documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 08:23 PM