fishjam-react-client
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references standard NPM packages (@fishjam-cloud/react-client and @fishjam-cloud/ts-client) and official documentation from Software Mansion. These are recognized vendor resources for this SDK.
- [DATA_EXFILTRATION]: The skill manages access to sensitive media devices (camera, microphone, screen share). This is the primary intended function of the SDK. Access is gated by standard browser permission prompts triggered via the useInitializeDevices and useScreenShare hooks. Device persistence is implemented via localStorage, which is a standard browser practice for preserving user preferences.
- [COMMAND_EXECUTION]: Instructions include standard package manager commands (npm install, yarn add) for library installation.
- [SAFE]: The useSandbox hook is a development-only feature for prototyping without a backend. The documentation contains explicit warnings ('Never ship this in production', 'Gate it with if (import.meta.env.DEV)') to prevent accidental exposure of the unauthenticated Sandbox API in production environments.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface (Category 8):
  - Ingestion points: Untrusted data enters the agent context via usePeers (remote peer metadata) and useDataChannel (incoming binary payloads from remote peers).
  - Boundary markers: The skill does not define specific delimiters for separating peer-supplied data from instructions.
  - Capability inventory: The SDK provides capabilities to access media streams, publish data to other peers, and update metadata.
  - Sanitization: Standard React rendering protects against XSS, but the skill does not explicitly provide sanitization for data intended for LLM ingestion. This represents a standard low-risk surface inherent to communication tools.
Audit Metadata