vercel-react-view-transitions
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The implementation workflow requires the agent to perform an audit of the user's codebase, searching for components and navigation logic. This ingestion of untrusted data from the user's project creates a potential surface for indirect prompt injection.
- Ingestion points: references/implementation.md (Step 1: Audit the App).
- Boundary markers: Absent. No specific delimiters or warnings to ignore instructions found within analyzed project files are provided.
- Capability inventory: SKILL.md (CLI command 'npm ls react'), references/nextjs.md (CLI command 'npm install' and modification of 'next.config.js').
- Sanitization: Absent. The skill does not provide methods for sanitizing or escaping content found during the audit phase before it is processed by the agent.
Audit Metadata