uniwind-best-practices
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill creates a significant indirect prompt injection surface as it instructs the agent to refactor and generate code based on untrusted user input. 1. Ingestion points: User React Native source code and task descriptions in the prompt. 2. Boundary markers: No specific delimiters or instructions are provided to separate user code from agent-executed refactoring rules. 3. Capability inventory: Facilitates broad code modification, configuration changes in metro.config.js/babel.config.js, and package installation. 4. Sanitization: Absent.
- [Unverifiable Dependencies & Remote Code Execution] (MEDIUM): The skill recommends installing dependencies such as uniwind, tailwind-merge, and various expo packages which are not from the predefined list of trusted organizations.
- [COMMAND_EXECUTION] (LOW): Documentation includes standard development environment commands like npx expo start --clear for resetting the Metro bundler cache.
Recommendations
- AI detected serious security threats
Audit Metadata