brin
brin

@expo/cli

npm

Is @expo/cli safe to use?

The latest brin safety scan flagged @expo/cli v54.0.23 with risk indicators that warrant review. No known CVE vulnerabilities. Trust score: 85/100. Review the findings below before use. This is an automated assessment and may contain errors.

Install (safety-checked)

@expo/cli Has Warnings

Warnings detected due to potential concerns

warning
CVEs

0

Threats

0

Install Scripts

0

Risk Indicators

  • Can spawn child processes

brin Recommendations

  • This package has warnings detected. Evaluate the specific concerns before proceeding.

Install with brin add @expo/cli to automatically apply these checks before installation.

This is an automated, point-in-time assessment and may contain errors. Findings are risk indicators, not confirmed threats. Security posture may change over time. Maintainers can dispute findings via the brin review process.

@expo/cli Capabilities & Permissions

What @expo/cli can access when installed. Review these capabilities before using with AI agents like Cursor, Claude Code, or Codex.

Network Access

This package makes network requests.

127.0.0.1api.expo.devapi.github.comapps.apple.comcdp.expo.devcodeload.github.comdeveloper.android.comdeveloper.apple.comdeveloper.mozilla.orgdocs.expo.dev+23 more
Protocols: http, https, websocket

Process Spawning

This package can spawn child processes.

Environment Variables

Accesses the following environment variables.

ANDROID_HOMEANDROID_SDK_ROOTBABEL_ENVBUILT_PRODUCTS_DIREXPO_DEV_SERVER_ORIGINEXPO_OFFLINEEXPO_PACKAGER_PROXY_URLEXPO_PUBLIC_PROJECT_ROOTEXPO_ROUTER_ABS_APP_ROOTEXPO_ROUTER_APP_ROOT+16 more

AGENTS.md for @expo/cli

Good instructions lead to good results. brin adds @expo/cli documentation to your AGENTS.md so your agent knows how to use it properly—improving both safety and performance.

brin init

Vercel's research: 100% accuracy with AGENTS.md vs 53% without →

@expo/cli Documentation & Source Code

For the full @expo/cli README, API documentation, and source code, visit the official package registry.

View on npmView SourceHomepage

Frequently asked questions about @expo/cli safety

Weekly Downloads

2.9M

Version

54.0.23

License

MIT

Other Versions

54.0.22warning

Last Scanned

Feb 4, 2026

Trust Score

85/100·Legitimacy signals, not safety

Capabilities

Network

Connects to: 127.0.0.1, api.expo.dev, api.github.com...

Process

Spawns child processes

Environment

Accesses: ANDROID_HOME, ANDROID_SDK_ROOT, BABEL_ENV...

Is @expo/cli Safe? | npm Safety Scan - brin