deployment
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (CRITICAL): The skill recommends 'npx testflight' for iOS submissions. This package is not an official tool from Expo or Apple and is fetched from an unverified external source (NPM registry). Executing unvetted packages via npx allows for immediate, arbitrary code execution on the host system.
- [Indirect Prompt Injection] (HIGH): This skill has a Category 8 risk surface. 1. Ingestion: Reads local source code and 'eas.json' during build steps. 2. Boundaries: No markers or 'ignore' instructions are provided to the agent. 3. Capabilities: The skill has network access and command execution rights. 4. Sanitization: None. Malicious project files could inject instructions to hijack the build or deployment process.
- [Data Exposure & Exfiltration] (HIGH): The configuration references './google-service-account.json'. This points the agent toward highly sensitive credentials, making them a target for exposure or exfiltration without adequate safeguards.
Recommendations
- AI detected serious security threats
Audit Metadata