capacitor-push-notifications
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a comprehensive technical guide for a common mobile development task (push notifications). All instructions and code snippets align with official documentation and industry standards.
- [COMMAND_EXECUTION]: Includes standard commands for package installation and project synchronization (
bun add,bunx cap sync). These are routine for Capacitor development and do not execute untrusted remote code. - [EXTERNAL_DOWNLOADS]: References official, well-known services including Google Firebase (firebase.google.com), Apple Developer Portal (developer.apple.com), and the Capacitor documentation (capacitorjs.com). All external links are legitimate and lead to trusted sources.
- [CREDENTIALS_UNSAFE]: Appropriately uses placeholders like
YOUR_PROJECT,ACCESS_TOKEN, andDEVICE_TOKENin configuration and API examples, preventing the exposure of actual secrets. - [DATA_EXFILTRATION]: While the skill demonstrates how to register tokens and handle notification data, it does so within the context of standard application logic (e.g.,
sendTokenToServer). There are no patterns suggesting unauthorized data exfiltration.
Audit Metadata