swiftui-webkit
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were identified in the skill files. The content serves as a legitimate technical guide for SwiftUI development.
- [PROMPT_INJECTION]: The skill documents an architecture for processing untrusted web data, which is its primary purpose, but it incorporates necessary safety patterns.
- Ingestion points: Web content is loaded via
WebViewandWebPage.load()throughout the documentation and reference files. - Boundary markers: The instructions recommend using
WebPage.NavigationDecidingto restrict navigation to trusted domains (e.g.,docs.example.com). - Capability inventory: The skill utilizes
callJavaScriptfor interaction and custom URL schemes for signaling. - Sanitization: The documentation explicitly advises against string interpolation for JavaScript calls, recommending structured
argumentspassing to mitigate injection risks.
Audit Metadata