states
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate developer tooling for UI state management. It follows best practices by deriving state variations from existing project data rather than inventing new UI elements.
- [PROMPT_INJECTION]: Analysis of the markdown instructions reveals no attempts to override safety filters, bypass constraints, or extract system prompts. The instructions are focused exclusively on the React state exploration workflow.
- [DATA_EXFILTRATION]: Although the skill explores the local codebase for data structures (such as roles and permissions), it lacks any network capabilities (curl, fetch, etc.) to transmit this information to external servers.
- [REMOTE_CODE_EXECUTION]: No remote scripts are downloaded or executed. The skill facilitates the generation of local React components and generator functions within the existing development environment.
- [COMMAND_EXECUTION]: The skill does not invoke dangerous shell commands, privilege escalation (sudo), or persistence mechanisms. All operations are confined to the source code of the React application being analyzed.
Audit Metadata