capacitor-app-store
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): The skill consists of instructional documentation and standard configuration snippets for mobile app development.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard development dependencies such as
@capacitor/assetsand@playwright/test. These are established tools within the Ionic/Capacitor and web testing ecosystems. - [MALICIOUS_URL_ALERT] (SAFE): An automated scanner flagged
proguard-rules.proas a malicious URL. This is a confirmed false positive.proguard-rules.prois a local configuration file used by Android's ProGuard/R8 tool to manage code shrinking and obfuscation. It is not an external URL or a network-based threat vector. - [CREDENTIALS_UNSAFE] (SAFE): While the skill mentions command-line flags for API keys (
--apiKey,--apiIssuer), it correctly uses placeholders (KEY_ID,ISSUER_ID) rather than hardcoding actual secrets.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata