expo-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No evidence of role-play instructions, safety bypass attempts, or instructions to ignore previous rules. The language is purely technical and instructional.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or exfiltration patterns were detected. References to local storage (SQLite and File System) are aligned with the intended functionality of a mobile development skill.
- [Obfuscation] (SAFE): No use of Base64 encoding, zero-width characters, homoglyphs, or other techniques to hide malicious intent.
- [Unverifiable Dependencies] (SAFE): The skill references standard Expo and React Native ecosystem tools (
npx expo,eas-cli) and official Expo packages. No suspicious third-party scripts or remote code execution patterns were found. - [Indirect Prompt Injection] (SAFE): While the skill documentation covers data persistence, there are no patterns suggesting the agent would process untrusted input in a way that leads to injection vulnerabilities. Code examples utilize SQL parameterization (e.g.,
?placeholders) as a best practice.
Audit Metadata