assess-react-native-migration

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because its core functionality requires the agent to read and process content from external repositories, which could contain malicious instructions designed to influence agent behavior.
  • Ingestion points: The agent is instructed in SKILL.md to inspect production client codebases, workspace roots, CI configurations, and product documentation.
  • Boundary markers: The instructions do not define explicit delimiters or use specific language to warn the agent to ignore instructions embedded within the data it analyzes.
  • Capability inventory: The skill is strictly diagnostic and read-only. No dangerous capabilities such as arbitrary command execution, network exfiltration, or file-system writing were identified in the instructions or configuration.
  • Sanitization: The skill does not mention any sanitization or validation techniques for the content retrieved from external sources before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 05:12 PM
Security Audit — agent-trust-hub — assess-react-native-migration