adattributionkit
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a technical guide for implementing Apple's AdAttributionKit for ad measurement and attribution on iOS devices.
- [CREDENTIALS_UNSAFE]: No sensitive information or hardcoded credentials were found. The base64-encoded strings provided are Apple's public keys used for legitimate signature verification of attribution postbacks.
- [REMOTE_CODE_EXECUTION]: The skill does not contain any remote code execution patterns, unverified dependencies, or scripts that download external content.
- [PROMPT_INJECTION]: No instructions attempting to override agent behavior, bypass safety filters, or reveal system prompts were detected.
- [INDIRECT_PROMPT_INJECTION]: While the skill describes handling external data (JWS strings and universal link URLs), it emphasizes security best practices by providing detailed code for JWS signature verification using the CryptoKit framework.
- [COMMAND_EXECUTION]: The provided openssl commands are standard developer tools documented for manual execution by the user to generate ad network keys and do not represent automated or malicious execution.
Audit Metadata