upgrading-expo

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The file 'references/new-architecture.md' includes the command 'bunx xcobra expo eval "_IS_FABRIC"'. The package 'xcobra' is not an established or trusted tool within the Expo or React Native ecosystems. Running unverified packages through bunx (or npx) enables the execution of arbitrary remote code from the npm registry.
  • EXTERNAL_DOWNLOADS (HIGH): The skill promotes the download and execution of 'xcobra', which is an unknown dependency from an untrusted source, at runtime.
  • COMMAND_EXECUTION (LOW): The skill instructs the agent to perform administrative cleanup and build tasks, including 'rm -rf node_modules', 'watchman watch-del-all', 'pod install', and 'gradlew clean'. These are standard in mobile development but require significant environment permissions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 04:11 AM