react-aria-patterns
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill creates a significant attack surface by providing patterns that interpolate untrusted data (such as component labels and collection items) into the UI while granting the agent access to high-privilege tools like Bash and Write. This could allow an attacker to embed instructions in UI content that the agent might mistakenly execute.
  * Ingestion points: SKILL.md (Button props.children, ComboBox props.label, and state.collection rendered items).
  * Boundary markers: None identified in the provided patterns.
  * Capability inventory: Bash, Write, Read, Grep, Glob.
  * Sanitization: No sanitization or validation of the interpolated strings is suggested.
- Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill and its associated checklist require the installation of several external npm packages (react-aria, react-stately, jest-axe, @testing-library/react, @tanstack/react-virtual) from sources not included in the trusted organization whitelist. Per security rules, these are classified as unverifiable dependencies.
Recommendations
- AI detected serious security threats
Audit Metadata