Skills
skills/involvex/skills/expo-cicd-workflows/Gen Agent Trust Hub

expo-cicd-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads JSON schemas and documentation from official Expo domains (api.expo.dev) and the official Expo GitHub repository (github.com/expo/expo). These are well-known services and trusted sources for the purpose of this skill.
  • [COMMAND_EXECUTION]: The skill uses local Node.js scripts (fetch.js and validate.js) to automate the retrieval of remote resources and the validation of YAML files. These scripts utilize standard libraries for their intended tasks.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external data by fetching documentation from a public GitHub repository. While this creates a theoretical ingestion surface, the risk is negligible as the data comes from a trusted vendor repository and is used for reference purposes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 05:06 AM