capacitor-plugin-spm-support
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill performs routine development tasks such as reading project manifests, creating Swift package manifests, and executing standard Capacitor CLI commands.
- [COMMAND_EXECUTION]: The skill uses 'npx cap sync' to verify the migration. This is a standard and expected operation within the Capacitor development workflow.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by processing external code and configuration files. Ingestion points: 'package.json', '.podspec', and main Swift plugin class (Step 1). Boundary markers: Absent. Capability inventory: Local file modification and 'npx' execution. Sanitization: None detected.
Audit Metadata