refine
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing official Refine packages (e.g., @refinedev/core, @refinedev/antd) and using their CLI tool. These are recognized, well-known libraries in the React ecosystem.
- [COMMAND_EXECUTION]: Employs standard npm commands to initialize projects and install necessary development dependencies.
- [PROMPT_INJECTION]: The skill outlines patterns for building applications that ingest data from external APIs, which represents a potential surface for indirect prompt injection.
- Ingestion points: Data fetched from remote endpoints in App.tsx and myDataProvider.ts.
- Boundary markers: Not present in the architectural examples.
- Capability inventory: Project setup via npm and network data fetching.
- Sanitization: Example code displays fetched data without specific sanitization logic.
Audit Metadata