expo-react-native-coder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The file `references/test-e2e-maestro.md` includes instructions for installing a third-party tool using `curl -Ls "https://get.maestro.mobile.dev" | bash`. While this is the official installation method for Maestro, piped execution of remote scripts is a security risk as it bypasses local inspection before execution.
- PROMPT_INJECTION (LOW): The skill defines patterns for ingesting untrusted data through forms and deep link parameters, creating a surface for indirect prompt injection.
  - Ingestion points: `references/form-controlled-inputs.md`, `references/link-handle-incoming.md`, and `assets/templates/screens/form-screen.tsx` ingest data from user inputs and URL segments.
  - Boundary markers: No LLM-specific boundary markers (e.g., delimiters or 'ignore' instructions) are present in the code templates.
  - Capability inventory: The templates perform network operations (`fetch`) and state transitions based on the ingested data (e.g., `assets/templates/screens/list-screen.tsx`, `assets/templates/hooks/use-auth.tsx`).
  - Sanitization: The templates include basic validation (regex, trimming) for data types like email and length, which provides standard protection but is not designed to prevent LLM-specific injection attacks.
Audit Metadata