react-expert

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the source code from the official React repository on GitHub for local analysis.
  • [COMMAND_EXECUTION]: Uses system commands including git, gh (GitHub CLI), and grep to search and extract information from the local repository and GitHub metadata.
  • [COMMAND_EXECUTION]: The skill interpolates user-supplied topic strings directly into shell commands (e.g., git log --grep="<topic>"). This presents a potential command injection surface if the user provides input containing shell metacharacters.
  • [PROMPT_INJECTION]: Indirect attack surface identified. The skill ingests data from external, potentially attacker-controlled sources such as GitHub Issues and Pull Request comments. While the skill primarily summarizes this data, malicious content within those sources could attempt to influence the agent's output during the synthesis phase.
      • Ingestion points: Reads content from .claude/react (source/tests) and GitHub PRs/Issues via gh CLI.
      • Boundary markers: None explicitly defined to separate untrusted issue/PR content from the synthesis prompt.
      • Capability inventory: Subprocess calls (git, gh), file writing (.claude/research/).
      • Sanitization: No explicit sanitization of retrieved data before synthesis.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 13, 2026, 09:55 AM