Skills
skills/scandit/skills/matrixscan-ar-rn/Gen Agent Trust Hub

matrixscan-ar-rn

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill maintains an attack surface for indirect prompt injection as its primary function involves ingesting and modifying user-provided React Native source files.
  • Ingestion points: User-supplied code (e.g., the files in the 'evals/fixtures/' directory) is read and analyzed by the agent to determine integration steps.
  • Boundary markers: The skill does not instruct the agent to use specific boundary markers or 'ignore' instructions to encapsulate the untrusted user code.
  • Capability inventory: The agent is empowered to write and modify files in the user's project environment based on the processed code.
  • Sanitization: No sanitization or validation logic is specified for the input code before it is used to generate output, which could allow malicious comments in user files to influence agent behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:16 PM
Security Audit — agent-trust-hub — matrixscan-ar-rn