react-hooks
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Indirect Prompt Injection Surface. The skill is designed to ingest and process untrusted React source code to 'resolve' hook violations.
- Ingestion points: React component files and hook definitions processed at runtime.
- Boundary markers: No delimiters or isolation instructions are present to prevent the agent from obeying instructions embedded in the code it is analyzing.
- Capability inventory: The skill's purpose ('Resolves violations') implies the capability to perform file-write operations or suggest code changes based on the untrusted input.
- Sanitization: No sanitization or validation of the input code is specified.
- [COMMAND_EXECUTION] (MEDIUM): The 'Instrumentation' section triggers the execution of
./scripts/log-skill.sh react-hooks. As the script is not included in the skill package, its behavior is unverifiable and could execute arbitrary commands.
Recommendations
- AI detected serious security threats
Audit Metadata