mobile
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill templates reference standard package management tools (
npm,flutter pub) and well-known libraries (e.g.,flutter_riverpod,dio,go_router). These dependencies are standard within the mobile development ecosystem and are sourced from trusted registries (npm and pub.dev). - [COMMAND_EXECUTION] (SAFE): The
README.mdincludes instructions for running legitimate development commands such aseas buildandflutter run. These are required for the intended use case of building and running mobile applications and do not perform unexpected or unauthorized actions. - [DATA_EXPOSURE] (SAFE): Sensitive fields in
eas.jsonandapp.json(such as Apple IDs, Project IDs, and Team IDs) use clearly marked placeholders (e.g.,your-project-id,YOUR_TEAM_ID,your@email.com). This follows best practices by preventing the leakage of actual developer credentials while providing a usable template. - [SECURITY_ALERT_REVIEW] (SAFE): An automated scan alert regarding a malicious URL (
styles.ph) was considered; however, exhaustive analysis of the 4 provided files revealed no presence of this string, any encoded variants, or any related malicious network requests. The files contain only standard configuration and documentation.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata