bluebubbles
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of instructional content and does not include any executable code, scripts, or remote resource downloads. It defines interactions with a messaging tool which is part of the standard platform capabilities.
- [SAFE]: The 'sendAttachment' feature uses a local file path parameter. While this allows the agent to access local files, it is a standard function of messaging tools and the skill does not instruct the agent to access sensitive credentials or system files.
- [SAFE]: The skill has an attack surface for indirect prompt injection because it allows the agent to read and process incoming messages. 1. Ingestion points: iMessage content received through the BlueBubbles integration. 2. Boundary markers: Not specified in the skill instructions. 3. Capability inventory: Message management actions via the generic message tool. 4. Sanitization: Not explicitly defined; the agent relies on inherent safety guardrails.
Audit Metadata