widgetkit
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides patterns for data ingestion from external sources, identifying a surface for indirect prompt injection.
- Ingestion points: External data enters the system through
TimelineProviderandAppIntentTimelineProvider(e.g.,WeatherService.shared.fetch()) inSKILL.mdand via APNs push payloads inreferences/widgetkit-advanced.md. - Boundary markers: Data is encapsulated in Swift
Codablestructs, providing structural boundaries, but individual string content is not explicitly delimited or protected against embedded instructions. - Capability inventory: The code examples are restricted to the SwiftUI and WidgetKit frameworks; no dangerous capabilities like shell command execution or dynamic code evaluation (e.g.,
eval) are present. - Sanitization: The provided code templates do not include logic for sanitizing or validating the content of external data before it is rendered in the UI.
Audit Metadata