capacitor-push-notifications
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill guides the user through the legitimate setup of push notifications using the official
@capacitor-firebase/messagingplugin and standard Firebase integration workflows. - [EXTERNAL_DOWNLOADS]: The skill references external resources and scripts from well-known and trusted providers, including Google (gstatic.com, googleapis.com), Firebase, and Apple Developer services. These downloads are necessary for the skill's primary purpose and follow [TRUST-SCOPE-RULE].
- [COMMAND_EXECUTION]: All shell commands provided (e.g.,
npm install,npx cap sync,curl) are standard development operations required for installing dependencies, synchronizing Capacitor projects, and testing API connectivity. - [CREDENTIALS_UNSAFE]: The skill correctly uses placeholders for sensitive information like API keys, Project IDs, and VAPID keys (e.g.,
<YOUR_API_KEY>,<YOUR_PROJECT_ID>), ensuring no hardcoded credentials are leaked or encouraged.
Audit Metadata