expo-upgrade
Pass
Audited by Gen Agent Trust Hub on Jul 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs official Expo packages and required dependencies like
react-native-workletsandexpo@latestfrom the NPM registry. - [COMMAND_EXECUTION]: Employs standard shell commands for project housekeeping, such as clearing caches (
rm -rf node_modules,watchman watch-del-all), running environment diagnostics (npx expo-doctor), and regenerating native platform directories (npx expo prebuild). - [COMMAND_EXECUTION]: Utilizes
npx expo-codemodto perform automated code migrations, involving the programmatic rewriting of import statements and component structures based on SDK changes. - [REMOTE_CODE_EXECUTION]: Uses the
xcobrautility viabunxto evaluate JavaScript expressions within the application's runtime context for architecture verification. - [PROMPT_INJECTION]: Processes technical migration documentation from local reference files to guide automated upgrades and project maintenance.
- Ingestion points: Multiple markdown files in the
./references/directory. - Boundary markers: Absent; instructions are interpreted directly from the text.
- Capability inventory: Includes subprocess execution (
npx expo), file system deletion (rm), and automated code transformation (expo-codemod) across the upgrade workflow. - Sanitization: Absent; the skill relies on the integrity of the provided reference documentation.
Audit Metadata