skills/rutpshah/skills-react-testing-best-practices/react-testing-best-practices/Gen Agent Trust Hub
react-testing-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed entirely of Markdown documentation and code examples. It does not contain any shell scripts, automated network requests, or file system manipulation logic.
- [INDIRECT_PROMPT_INJECTION]: The skill involves processing untrusted source code to generate unit tests, which creates an indirect prompt injection surface.
- Ingestion points: The agent is expected to read component and hook source files (e.g.,
.tsx,.ts) provided by the user. - Boundary markers: The skill includes a dedicated 'Security Policy' section in
SKILL.mdwhich explicitly instructs the agent to treat component code as data and ignore any instructions embedded within the source files. - Capability inventory: The skill does not provide the agent with any automated capabilities like file-writing or network access; it serves as a reference for the agent to use when performing standard development tasks.
- Sanitization: The skill relies on the agent's internal guardrails and the explicit safety instructions provided in the
SKILL.mdfile. - [EXTERNAL_DOWNLOADS]: The documentation references several well-known and trusted Node.js packages for installation via standard package managers (npm/yarn/pnpm). These are standard development dependencies and do not represent a security risk.
Audit Metadata