tamagui
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill files. The skill functions purely as a reference for a well-known UI library.\n- [EXTERNAL_DOWNLOADS]: The skill references official Tamagui packages on NPM and its public GitHub repository. These are trusted, well-known technology resources and do not pose a security risk.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by directing the agent to read external repository documentation and source code. While the source is trusted, this capability allows for the ingestion of potentially untrusted data if local copies are synchronized with a compromised upstream repo.\n
- Ingestion points: Documentation and source paths listed in SKILL.md and reference files.\n
- Boundary markers: None identified in the instruction files.\n
- Capability inventory: The agent is granted Bash, Write, and Edit tools.\n
- Sanitization: No explicit sanitization or filtering is described for the ingested content.
Audit Metadata