carbon-react
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of 170 files providing static documentation and code examples for a React-based UI library.
- Component Documentation: Each file in the
components/directory provides typed prop tables and usage examples (TSX) for individual UI elements like Accordions, Buttons, and Forms. No malicious instructions or executable scripts are included in these examples. - Installation Guidance: The
references/docs/installation.mdfile contains standard instructions for installing the library and its peer dependencies via npm. These are informational and do not involve high-risk command execution. - External References: The skill references official domains (e.g.,
carbon.sage.com) and well-known asset services (e.g.,avataaars.io,loremfaces.net) for sample images and developer resources, all of which are consistent with the skill's primary purpose. - No Dynamic Logic: There is no evidence of obfuscation, dynamic code execution (eval/exec), or persistence mechanisms. The skill operates as a curated knowledge base for the AI agent.
Audit Metadata