react-start/server-components
Pass
Audited by Gen Agent Trust Hub on Jun 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive review of the 13 files revealed no malicious patterns, obfuscation, or data exfiltration attempts. The skill is instructional and focuses on the correct implementation of the TanStack Start framework.
- [CREDENTIALS_UNSAFE]: The documentation and skill instructions proactively address credential safety by warning users not to include database access, secrets, or private APIs in isomorphic route loaders, directing them to use server-only boundaries instead.
- [EXTERNAL_DOWNLOADS]: The skill references official documentation and repositories from the TanStack organization and Vite. These are well-known, trusted resources used for technical reference and do not involve the execution of untrusted remote code.
- [COMMAND_EXECUTION]: No suspicious command execution or privilege escalation patterns were found. The code examples use standard framework APIs for routing and data fetching.
- [DATA_EXFILTRATION]: No network operations to unknown or suspicious domains were detected. All network patterns are restricted to standard local API routing and framework-level data fetching.
Audit Metadata