json-render-react-native
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill is a sink for untrusted UI specifications which can include interactive actions and state mutations.
- Ingestion points: Renderer component (spec prop) and useUIStream hook (SKILL.md).
- Boundary markers: Absent; no delimiters are used to wrap or isolate the UI data from the agent context.
- Capability inventory: State mutation (setState), event handling (Pressable), and dynamic component rendering (registry).
- Sanitization: Absent; the documentation does not describe any validation or filtering of the incoming JSON logic.
- [External Downloads] (MEDIUM): The useUIStream export allows the dynamic fetching and execution of UI logic from remote URLs at runtime.
- [Dynamic Execution] (MEDIUM): The skill interprets a domain-specific logic language for props and visibility (e.g., $state, $cond, $bindState) at runtime.
Recommendations
- AI detected serious security threats
Audit Metadata