react-native-app
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The script
scripts/generate_component.pyis vulnerable to indirect prompt injection via the component name. - Ingestion points: The component name is ingested from
sys.argv[1]. - Boundary markers: None.
- Capability inventory: The script performs file system writes and directory creation (
mkdir,open). - Sanitization: Absent; the unvalidated name is used to build file paths and source code, allowing for path traversal and code injection.
Recommendations
- AI detected serious security threats
Audit Metadata