local-build

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands to manage the project environment, including 'ls' for verification, 'npx expo prebuild' for environment setup, and 'chmod +x' to make the dynamically generated build scripts executable.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes 'npx expo prebuild', which may download the Expo CLI or necessary project dependencies from the npm registry if they are not already present in the local cache. This is a standard development practice for Expo projects.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by reading project metadata (name, slug, bundle identifier) from external configuration files like 'app.json' and 'app.config.js' and interpolating them directly into shell scripts.
      • Ingestion points: Project configuration files including 'app.json', 'app.config.js', and 'app.config.ts'.
      • Boundary markers: None present; the skill instructs the agent to extract and use literal values.
      • Capability inventory: Writing shell scripts to the filesystem, modifying file permissions ('chmod +x'), and running initialization commands ('npx expo prebuild').
      • Sanitization: No sanitization or validation of the extracted values is performed before interpolation into the bash script templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 09:57 PM