core-data
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard documentation and code snippets for the Core Data framework. The logic follows official development guidelines for stack initialization, background context usage, and UI integration.
- [DATA_EXFILTRATION]: The skill contains links to
sosumi.aifor external documentation. These are informational references to a documentation mirror and do not involve automated network requests or exfiltration of sensitive information. - [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection via data ingestion points in
batchImportandimportItemsinSKILL.md. Evidence: Ingestion points are the record dictionaries and item data; Boundary markers are absent; Capabilities include database persistence viacontext.save(); Sanitization is absent in these boilerplate snippets. These are standard implementation examples for a persistence layer with no malicious intent detected.
Audit Metadata