react-native-expo-development
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill creates a significant attack surface by ingesting untrusted external data (documentation search results) and using it to drive high-privilege operations. • Ingestion points: External documentation search results from
expo-mcp. • Boundary markers: Absent; the skill does not define delimiters or provide instructions to ignore embedded commands in the documentation. • Capability inventory: Package installation (add_library), file system modification (implementing screens), and UI interaction (tapping buttons and taking screenshots). • Sanitization: Absent; there is no validation of content from external sources before it is used to modify the project. - [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill mandates the use of an unverified external tool
expo-mcpfor package management and testing, which introduces a dependency on a non-standard software supply chain component.
Recommendations
- AI detected serious security threats
Audit Metadata