expo-cicd-workflows

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • External Downloads (LOW): The scripts/fetch.js file is a generic utility that fetches content from a caller-supplied URL. While the instructions point to specific Expo-related domains, the script does not enforce a domain allowlist, so it can be pointed at any host.
  • Indirect Prompt Injection (LOW): The skill processes untrusted external data that could influence agent behavior.
  • Ingestion points: scripts/fetch.js fetches text/markdown content from external URLs.
  • Boundary markers: Absent. The instructions tell the agent to rely on the fetched content as the 'source of truth'.
  • Capability inventory: Access to Bash(node:*) and Write tools lets the agent run local Node scripts and modify the filesystem.
  • Sanitization: Fetched content is not sanitized or escaped before being presented to the agent.
  • Dynamic Execution (LOW): The scripts/validate.js script compiles, with the ajv library, a JSON schema fetched at run time from a remote endpoint. This is a standard validation pattern, but it relies on the integrity of the remote schema as served at fetch time.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:32 PM