Skills
skills/bobmatnyc/claude-mpm-skills/react-hooks-composition/Gen Agent Trust Hub

react-hooks-composition

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and code patterns for React development and does not execute commands or scripts on the host system.
  • [DATA_EXFILTRATION]: The skill includes patterns for accessing user location via the browser's navigator.geolocation API. This is a standard Web API used for legitimate location-based features and is clearly documented within the context of the UserLocationProvider component.
  • [EXTERNAL_DOWNLOADS]: Code examples demonstrate network requests to the Mapbox API (api.mapbox.com). The implementation includes proper sanitization of user-provided query parameters using encodeURIComponent to prevent injection vulnerabilities in the resulting URLs.
  • [CREDENTIALS_UNSAFE]: The skill correctly demonstrates the use of environment variables (process.env.NEXT_PUBLIC_MAPBOX_API_KEY) for managing API access tokens in frontend code, adhering to standard security practices for public API keys.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 04:19 PM
Security Audit — agent-trust-hub — react-hooks-composition