vercel-react-native-skills
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations detected. All external links point to reputable documentation sites (e.g., react.dev, expo.dev, swmansion.com).
- [Obfuscation] (SAFE): Content is clear and human-readable. No Base64 encoding, zero-width characters, or homoglyphs were identified.
- [Unverifiable Dependencies] (LOW): The skill references several widely-used, reputable community libraries (e.g., react-native-reanimated, FlashList, Zeego, expo-image). These are standard in the React Native ecosystem. Per [TRUST-SCOPE-RULE], as the author 'vercel' is a trusted organization, these references are considered safe.
- [Dynamic Execution] (SAFE): No use of dangerous functions like
eval(),exec(), or runtime code generation from external inputs. The included scripts (main.cjs,hooks/) are minimal and perform no logic beyond returning status objects. - [Privilege Escalation & Persistence] (SAFE): No commands related to
sudo, system modification, or persistent access (e.g., cron, shell profiles) were found.
Audit Metadata