Skills
skills/mym0404/agent-skills/react-skills/Gen Agent Trust Hub

react-skills

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill's refactoring workflow relies on fetching and following instructions from an external llms.txt file, creating a surface for indirect prompt injection.
  • Ingestion points: rules/react-util-usage.md directs the agent to access https://raw.githubusercontent.com/mj-studio-library/react-util/master/llms.txt.
  • Boundary markers: Absent. The skill does not provide delimiters or instructions for the agent to ignore potentially malicious content within the fetched documentation.
  • Capability inventory: The agent has the capability to generate, refactor, and implement React utility logic based on the external content.
  • Sanitization: Absent. External documentation is treated as a direct implementation guide without validation or filtering.
  • [EXTERNAL_DOWNLOADS]: The skill references and manages external resources from well-known services.
  • Evidence: Instructs the agent to install @mj-studio/react-util via package managers and fetch documentation from GitHub repositories.
  • Source: Resources are hosted on GitHub and NPM, which are well-known technology platforms.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 01:48 AM