React Native Update (Pushy) Integration
PassAudited by ClawScan on May 1, 2026.
Overview
This is a coherent React Native hot-update integration guide, but it asks you to run package-manager commands, a local diagnostic script, and make production-relevant update configuration changes.
This skill appears safe for its stated purpose. Before installing or using it, review the npm/pod/npx commands, run them in a version-controlled project, inspect generated native changes, and be deliberate about Pushy update strategies—especially silent update modes.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup may install or update dependencies on your machine and in your app project.
The setup relies on external package-manager and native dependency commands, including a global npm CLI install. This is expected for React Native integration, but users should understand these commands fetch and install third-party code.
`npm i -g react-native-update-cli`; `npm i react-native-update`; `cd ios && pod install`; `npx expo prebuild`
Run these commands intentionally, preferably in a clean working tree, and review package sources, lockfile changes, and generated native files before committing.
The diagnostic script will inspect files in the selected React Native project and print integration status.
The helper is a shell script that runs local node and grep commands inside the selected app root. Its observed behavior is diagnostic and read-only, but it is still local command execution.
APP_ROOT="${1:-$(pwd)}"
cd "$APP_ROOT"
...
if node -e "const p=require('./package.json'); ..."
...
if grep -R --line-number --include='package.json' 'expo-updates' .Review the script before running it and pass the intended app root path explicitly if your workspace contains multiple projects.
If misconfigured, app users could receive or apply updates in a way that is hard to notice or recover from.
The skill helps configure release-build hot updates, including silent update strategies. This is central to the stated purpose, but a bad update strategy or rollout can affect many installed app clients.
`updateStrategy`: `alwaysAlert` / `alertUpdateAndIgnoreError` / `silentAndNow` / `silentAndLater` / `null`
Use staged rollout, keep server-side rollout rules authoritative, test rollback behavior, and avoid silent strategies unless they match your release policy.