migrate-nativewind-to-uniwind
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it instructs the agent to process external, potentially untrusted project data.
  - Ingestion points: The agent is directed to read package.json, tailwind.config.js, metro.config.js, babel.config.js, and project source files (.ts, .tsx, etc.) from the user's workspace.
  - Boundary markers: There are no explicit instructions or delimiters used to separate the project data from the agent's instructions, nor are there commands to ignore instructions embedded within those files.
  - Capability inventory: The agent has the authority to execute shell commands (npm, yarn, bun, rg, rm) and modify files, which could be exploited if malicious instructions are present in the ingested data.
  - Sanitization: No sanitization or validation of the content of the read files is performed before the agent acts on the migration steps.
- [COMMAND_EXECUTION]: The skill provides various shell commands for package uninstallation, installation, and codebase searching. These commands are standard for the described migration workflow.
- [SAFE]: All external documentation and package references point to the vendor's official domain (uniwind.dev) or standard registries, which is consistent with the skill author (uni-stack).
- [SAFE]: Instructional markers such as 'CRITICAL' and 'IMPORTANT' are used to emphasize technical migration requirements and common developer errors, rather than to attempt to bypass safety filters.
Audit Metadata