react-server-components-framework
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive educational and productivity resource for modern React development.
- [COMMAND_EXECUTION]: Includes dynamic context injection via shell commands to detect local project metadata. These commands are non-malicious and used solely to customize code templates based on the user's project structure (e.g., detecting if Prisma or Drizzle is used).
- [DATA_EXFILTRATION]: Does not attempt to send data to external servers. Code examples within the skill promote security best practices, such as using DOMPurify for XSS protection and ensuring sensitive environment variables remain on the server.
Audit Metadata