uniwind-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines clear security boundaries, explicitly instructing the agent to avoid reading sensitive files such as .env, .npmrc, or .yarnrc.yml. These instructions protect user credentials and secrets.
- [SAFE]: Installation and configuration commands (e.g., npm install, npx expo prebuild) are presented as instructions for the user to follow, ensuring no unauthorized command execution occurs within the agent context.
- [SAFE]: Analysis of the reference files and core logic revealed no evidence of prompt injection, data exfiltration, obfuscation, or malicious remote code execution. All external links point to official documentation domains (docs.uniwind.dev).
- [SAFE]: The skill uses local reference files for its knowledge base, minimizing reliance on external data fetching at runtime.
Audit Metadata