capacitor-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (CRITICAL): Automated scanning via URLite identified a malicious URL in the
proguard-rules.profile (Detection ID: URC963ABB0F8500309-0200). Malicious entries in build configuration files can facilitate the download of compromised dependencies or the exfiltration of sensitive environment information. - [PROMPT_INJECTION] (LOW): The skill possesses an indirect prompt injection surface due to its capability to analyze untrusted Capacitor codebases. Evidence Chain: (1) Ingestion point: Capacitor project code and structures. (2) Boundary markers: None identified. (3) Capability inventory: Provision of best practice guidance and project reviews. (4) Sanitization: No sanitization or validation of input code is documented.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata