axiom-storekit-ref
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a static documentation reference for iOS developers using StoreKit 2. It contains no executable scripts or commands that would be run by an AI agent on a host system.
- [SAFE]: No prompt injection attempts were detected. Instructional language used (e.g., 'CRITICAL: Always finish transaction') refers to programming best practices for Apple's framework and does not attempt to override the AI's safety guidelines.
- [SAFE]: Data exposure analysis shows no hardcoded secrets. The code snippets use standard placeholders such as 'YOUR_PRIVATE_KEY' and 'YOUR_KEY_ID' for configuration examples.
- [SAFE]: External references to the 'App Store Server Library' and various WWDC sessions are to well-known, official Apple developer resources. These are documented neutrally as legitimate dependencies and references.
- [SAFE]: The skill does not contain any obfuscated content, persistence mechanisms, or privilege escalation patterns.
Audit Metadata