drag-and-drop
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No security issues detected. The skill provides standard UI implementation guidance using reputable Atlassian libraries.
- Implementation Safety: The code uses 'textContent' when dynamically creating the drag preview DOM element, which prevents cross-site scripting (XSS) by ensuring 'item.label' is treated as literal text.
- Best Practices: The skill correctly identifies performance pitfalls in React and provides proper patterns using 'useRef' and 'useCallback' to manage volatile drag state without unnecessary re-renders.
Audit Metadata