react-native-best-practices
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends installing the Flashlight performance tool using a 'curl pipe to bash' pattern (`curl https://get.flashlight.dev | bash`), which allows for the execution of unverified remote scripts.
- [PROMPT_INJECTION]: The skill exhibits metadata poisoning; the internal metadata attributes the content to 'Callstack', while the provided author context identifies 'pyinx', which is misleading regarding the origin and trustworthiness of the provided instructions.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion points: reads local project configuration files like `package.json` and `.gradle` via search commands. Boundary markers: no delimiters or ignore-instructions warnings are present. Capability inventory: executes build tools (`gradlew`, `xcodebuild`), package managers (`npm`, `npx`), and network requests (`curl`). Sanitization: no escaping or validation of project-derived content is performed.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute high-privilege shell commands including `gradlew` and `xcodebuild` to interact with native build systems.
- [EXTERNAL_DOWNLOADS]: The skill fetches tools and configurations from third-party services like Spotify's Ruler and Emerge Tools for app size analysis and performance monitoring.
Audit Metadata