react-native-expo

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The expo-build agent executes standard development commands such as npx eas-cli, npx expo, and npm test. These are necessary for the skill's primary purpose of managing mobile app builds and deployments.
  • [COMMAND_EXECUTION] (SAFE): The script scripts/check-rn-version.sh uses node -p to parse the local package.json file. This is a standard method for extracting version information in a JavaScript development environment and poses no security risk.
  • [DATA_EXPOSURE] (SAFE): The agent reads project configuration files like app.json and eas.json. While these files contain project metadata, the access is confined to local build operations initiated by the user. No evidence of unauthorized network transmission or exfiltration was found.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The build agent ingests data from local configuration files (app.json, eas.json) and package manifests. While an attacker who modifies these files could theoretically influence the agent's output, the risk is minimal as the commands executed are largely static build triggers and follow standard developer workflows.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:37 PM