react-advanced
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of technical documentation and architectural patterns for React development. It does not contain executable code that runs on the host system or instructions that bypass safety protocols.
- [DATA_EXPOSURE_&_EXFILTRATION]: No sensitive data access or exfiltration patterns were detected. The skill correctly identifies that server state and client state should be separated and uses industry-standard libraries for data fetching.
- [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety filters, or extract system prompts were found.
- [EXTERNAL_DOWNLOADS]: The skill references established open-source libraries (TanStack, XState, Zustand, Zod) but does not include scripts that perform unverified downloads or remote code execution.
- [OBFUSCATION]: No obfuscated content, encoded strings, or hidden characters were detected in any of the reference files or the main skill body.
- [DYNAMIC_CONTEXT_INJECTION]: No use of dynamic execution syntax (!command) was found in the SKILL.md file.
- [INDIRECT_PROMPT_INJECTION]: While the skill describes how to handle user-controlled data (forms and search parameters), it strongly advocates for the use of Zod for schema validation and sanitization, which is a defensive best practice.
Audit Metadata