coding-swift
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute 'swift build' and 'swift test' commands within the local environment to manage development workflows.
- [EXTERNAL_DOWNLOADS]: It references external dependencies via the Swift Package Manager, specifically citing the trusted 'apple/swift-algorithms' repository as an example for integration.
- [PROMPT_INJECTION]: A vulnerability to indirect prompt injection exists because the skill is designed to process and act upon Swift source files and 'Package.swift' manifests which may contain untrusted content.
- Ingestion points: Swift source files and project configuration manifests.
- Boundary markers: No delimiters or specific instructions to ignore embedded commands are included in the skill body.
- Capability inventory: The skill utilizes shell execution for building and testing code using the swift toolchain.
- Sanitization: There is no validation or sanitization process defined for the content of the project files before they are processed by the toolchain.
Audit Metadata