react-native-skills
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No attempts to override agent instructions or bypass safety filters were detected. The use of terms like 'CRITICAL' and 'HIGH' is limited to describing performance impact levels.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials (API keys, secrets) or access to sensitive local file paths (e.g., .ssh, .aws) were found. No unauthorized network requests are present.
- [Obfuscation] (SAFE): All content is provided as plain-text Markdown with no Base64 encoding, zero-width characters, or homoglyph-based evasion techniques.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard, reputable libraries (e.g., Reanimated, Expo, LegendList). There are no remote script execution patterns (e.g., curl | bash) or suspicious dependency installations.
- [Privilege Escalation] (SAFE): No commands related to privilege escalation, such as 'sudo' or modifications to system permissions, were identified.
- [Persistence Mechanisms] (SAFE): No instructions to modify shell profiles, cron jobs, or system services for persistence were found.
- [Metadata Poisoning] (SAFE): The metadata accurately identifies the author (vercel) and the purpose of the skill. No hidden instructions were found in the metadata fields.
- [Indirect Prompt Injection] (SAFE): The skill serves as a static reference for coding best practices and does not ingest or process untrusted external data at runtime.
- [Time-Delayed / Conditional Attacks] (SAFE): No logic was found that gates behavior based on date, time, or specific environment conditions.
- [Dynamic Execution] (SAFE): The skill does not use 'eval()', 'exec()', or unsafe deserialization. Reanimated worklets are used appropriately within the framework's intended architecture.