Trust Assessment
react-native-expert received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 0 critical, 2 high, 1 medium, and 0 low severity. Key findings include Covert behavior / concealment directives, Potential Command Injection via dynamic module installation, Supply Chain Risk from untrusted module installation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit e8be415b). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Covert behavior / concealment directives CSS-based text hiding Remove hidden instructions, zero-width characters, and bidirectional overrides. Skill instructions should be fully visible and transparent to users. | Manifest | skills/react-native-expert/SKILL.md:153 | |
| HIGH | Potential Command Injection via dynamic module installation The skill instructs the host LLM to use `npx expo install <module>` for resolving native module issues. If the `<module>` argument is derived directly from untrusted user input without proper sanitization or validation, it could allow an attacker to inject arbitrary shell commands. For example, an input like `; rm -rf /` could lead to unintended command execution. The host LLM must strictly validate and sanitize any user-provided input before incorporating it into shell commands. Only allow a predefined list of safe module names or implement robust escaping for shell arguments to prevent command injection. | LLM | SKILL.md:29 | |
| MEDIUM | Supply Chain Risk from untrusted module installation The instruction `npx expo install <module>` allows the installation of external packages. If the `<module>` name is provided by an untrusted source (e.g., user input), there's a risk of installing malicious or typosquatted packages. This could lead to a supply chain compromise where an attacker introduces malicious code into the development environment. The host LLM should validate module names against trusted registries or a whitelist. Implement a policy to only install modules from known, reputable sources. Consider sandboxing the environment where `npx expo install` is executed to limit potential damage. | LLM | SKILL.md:29 |
Scan History
Embed Code
[](https://skillshield.io/report/c953dfef8b1ed3f6)
Powered by SkillShield