rivetkit-client-react
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides guidance for building React applications using the
@rivetkit/reactlibrary. It includes explicit security advice, recommending the use of arrays for keys instead of string interpolation to prevent potential key injection attacks from untrusted user input. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@rivetkit/reactpackage via npm. This package is an official component of the vendor's ecosystem. - [CREDENTIALS_UNSAFE]: Authentication tokens and endpoints are documented using safe placeholders (e.g.,
pk_...,jwt-token-here) and recommend standard environment variable practices for secret management. - [COMMAND_EXECUTION]: No dangerous shell commands were detected. The only command-line instructions are standard package installation and skill management commands related to the vendor's tools.
Audit Metadata