ios-networking
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely composed of markdown documentation and Swift code snippets designed to assist with app development. No executable scripts or binary files are included.
- [SAFE]: No prompt injection attempts or instructions to bypass safety guidelines were found in the skill metadata or body.
- [SAFE]: The provided code examples follow security best practices, such as storing tokens in the Keychain, validating HTTP status codes before processing responses, and avoiding hardcoded secrets.
- [SAFE]: The skill explicitly avoids third-party dependencies, relying solely on Apple's native frameworks (URLSession, Network), which minimizes supply chain risks.
- [SAFE]: While the documentation references future/fictional versions of software (iOS 26, Swift 6.2) and a fictional documentation domain (sosumi.ai), these are used for illustrative purposes and do not represent a security threat.
- [SAFE]: Analysis of Indirect Prompt Injection (Category 8) vulnerability surface: Ingestion points: Data and bytes methods in SKILL.md and urlsession-patterns.md. Boundary markers: JSONDecoder used for structured data. Capability inventory: Subprocess calls are absent; file-write and network operations are present (URLSession, FileManager). Sanitization: Status code validation and JSON schema decoding via Codable are implemented.
Audit Metadata