react-security

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as an educational resource for securing React applications. It identifies high-risk areas such as XSS, CSRF, and insecure token storage.
  • [SAFE]: Instructions for XSS prevention correctly recommend the use of DOMPurify for sanitizing HTML input and warn against using dangerouslySetInnerHTML with untrusted data.
  • [SAFE]: Authentication guidelines follow industry standards by recommending HttpOnly and Secure cookies for JWT/session storage instead of localStorage to mitigate token theft.
  • [SAFE]: The skill includes implementation examples for Content Security Policy (CSP), CSRF protection via tokens, and client-side rate limiting, which are standard security controls.
  • [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or remote code execution was found. The skill does not perform any network operations or access sensitive system files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 08:48 AM
Security Audit — agent-trust-hub — react-security