carbon-react
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a static documentation resource. No executable scripts were found that perform sensitive operations, and all component examples are standard React code meant for instructional purposes.
- [EXTERNAL_DOWNLOADS]: Installation instructions reference official packages from npm (carbon-react, @sage/design-tokens) and trusted organizations (React, styled-components). These are standard dependencies for the library's intended use.
- [PROMPT_INJECTION]: No attempts to override agent behavior or bypass safety filters were detected in the component documentation or examples.
- [DATA_EXFILTRATION]: No evidence of credential harvesting or sensitive data access was found. Placeholders in examples are benign.
Audit Metadata