axiom-swiftui-nav-ref
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Deceptive metadata is present in the skill, which claims to be from December 2025 and references non-existent software versions such as 'iOS 26' and 'Liquid Glass' design. This fictional information could mislead an AI agent into generating or recommending non-functional code.
- [PROMPT_INJECTION]: The skill documents an indirect prompt injection surface through deep link processing logic.
  - Ingestion points: External data is ingested via the `.onOpenURL` modifier and `URLComponents` parsing in SKILL.md.
  - Boundary markers: The provided code examples lack boundary markers or instructions to ignore embedded commands within the processed URLs.
  - Capability inventory: The skill demonstrates programmatic control over the application's navigation state (`NavigationPath`) based on external inputs, allowing an attacker to influence the application flow.
  - Sanitization: No validation, sanitization, or whitelisting of URL hosts or paths is included in the reference implementations.