Skills
skills/involvex/expo-app-skills/use-dom/Gen Agent Trust Hub

use-dom

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • General Security (SAFE): The skill is entirely instructional, focusing on a standard Expo framework feature. The provided code examples are idiomatic and safe for their intended purpose.- Indirect Prompt Injection (LOW): The skill documents how to pass props to web views, which creates an ingestion surface for data (Category 8). \n
  • Ingestion points: Props like data, content, and code in components like WebChart.tsx and dom-component.tsx. \n
  • Boundary markers: Absent in examples (standard React prop passing). \n
  • Capability inventory: Native alerts (Alert.alert) and logging via function props in app/index.tsx. \n
  • Sanitization: Absent in examples. \n
  • Severity Note: Classified as LOW as this is a standard framework feature and the documentation does not suggest unsafe interpolation or provide specific exploit vectors.- Data Exposure (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected in the skill contents.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 09:29 AM