react-app-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes
rg(ripgrep) via a shell script and referencespnpm check:all. These are standard development operations restricted to the local source directory and do not involve arbitrary command execution or suspicious parameters. - [DATA_EXFILTRATION] (SAFE): Analysis of the scripts and instructions shows no network activity, credential access, or sensitive file path interaction. The operations are confined to the
src/directory for code analysis. - [PROMPT_INJECTION] (SAFE): No override markers, jailbreak attempts, or instructions to ignore system safety protocols were found in the skill or its references.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns involving
curlorwgetpiped to shells, nor any downloads from external or untrusted sources.
Audit Metadata