cloudkit

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill contains logic for fetching and processing data from remote CloudKit databases, which serves as an ingestion point for untrusted content. This creates a surface for indirect prompt injection if the synchronized data contains malicious instructions.
      • Ingestion points: Data is retrieved from CloudKit in SKILL.md (via privateDB.records and syncEngine.fetchChanges) and in references/cloudkit-patterns.md (via CKFetchRecordZoneChangesOperation).
      • Boundary markers: There are no explicit boundary markers or delimiters used when processing record data to isolate it from the agent's core instructions.
      • Capability inventory: The skill has the capability to write to the local file system (using FileManager ubiquity APIs) and modify remote data in iCloud databases.
      • Sanitization: No specific sanitization or validation of data retrieved from remote records is implemented in the provided Swift snippets.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation hosted on a non-official, third-party domain.
      • Evidence: The References section in SKILL.md links to framework documentation at https://sosumi.ai/documentation/cloudkit rather than official vendor sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 08:14 PM