react-modernization

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches official React transformation scripts (codemods) from the reactjs organization's public GitHub repository. These scripts are standard tools used by the community for automated version upgrades.
  • [COMMAND_EXECUTION]: Instructs the agent to use the npx utility to execute refactoring tools like jscodeshift and codemod on the local source directory to automate code modernization.
  • [PROMPT_INJECTION]: While the skill processes project source code (src/) to apply transformations, creating a surface for indirect prompt injection, the risk is negligible as the operations are performed using trusted tools on the user's own codebase for its primary intended purpose.
      • Ingestion points: Project source code (src/ directory)
      • Boundary markers: Not explicitly defined in instructions
      • Capability inventory: Command execution via npx jscodeshift and npx codemod in SKILL.md
      • Sanitization: Relies on the standard execution environment of the jscodeshift tool
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 29, 2026, 02:07 AM