baidu-map-ios-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill demonstrates security best practices by instructing users to handle API keys securely and requiring explicit privacy consent before initializing SDK services.
- [COMMAND_EXECUTION]: The skill utilizes standard iOS development tools such as
pod installandxcodebuildto manage dependencies and verify the build. These commands are executed as part of the primary skill purpose and do not involve arbitrary or unsafe execution patterns. - [EXTERNAL_DOWNLOADS]: The skill references dependencies hosted on trusted and well-known registries, including CocoaPods and RubyGems. These sources are considered safe within the context of iOS development.
- [PROMPT_INJECTION]: The skill contains a loop where the agent processes compiler output to automatically repair integration code. While this represents a surface for indirect prompt injection, the impact is low as the capabilities are focused on technical SDK configuration.
- Ingestion points: Compiler error messages and local project files.
- Boundary markers: Not explicitly defined for the automated repair loop.
- Capability inventory: Dependency management and project compilation via shell commands.
- Sanitization: No specific filtering of compiler output before processing.
Audit Metadata