tanstack-query-expert
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMSAFE
Full Analysis
- [Unverifiable Dependencies] (MEDIUM): The skill references local scripts (
scripts/audit-query-keys.tsandscripts/generate-query-hook.py) that are not provided in the source. These files could potentially execute arbitrary commands or perform unsafe file operations when invoked by an agent. - [Data Exposure] (SAFE): Code examples use standard relative API endpoints (
/api/users/). No hardcoded credentials, API keys, or sensitive local file paths were detected. - [Prompt Injection] (SAFE): The instructional tone is strictly professional. There are no attempts to override system prompts, bypass safety filters, or use 'jailbreak' style role-play instructions.
- [Indirect Prompt Injection] (LOW): The skill defines patterns for fetching external data. While it lacks explicit boundary markers for sanitizing the results of
res.json(), the primary use case is React state management rather than driving high-privilege agent decisions.
Audit Metadata