vercel-react-native-skills
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly technical guidance.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were detected. Code examples use benign placeholders for URLs and data.
- [Obfuscation] (SAFE): No evidence of Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques designed to hide malicious intent.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): While the skill recommends several third-party libraries (e.g., Reanimated, Zeego, FlashList), these are industry-standard, reputable packages. There are no automated scripts that download or execute code from untrusted remote sources.
- [Privilege Escalation] (SAFE): No commands requesting root access (sudo) or modifying system-level permissions were found.
- [Indirect Prompt Injection] (SAFE): The skill serves as a static knowledge base for an agent and does not provide a surface for ingesting or processing untrusted external data that could influence agent behavior.
Audit Metadata