swift
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The file 'references/swift-otel.md' references 'https://github.com/swift-otel/swift-otel.git'. This organization is not included in the 'Trusted GitHub Organizations' list, making the dependency unverifiable by default.
- [COMMAND_EXECUTION] (LOW): The file 'references/debugging.md' provides shell command examples using the GitHub CLI ('gh') to fetch logs and view run details. If an agent executes these as instructed, it performs external API calls and local file writes.
- [DATA_EXFILTRATION] (LOW): Documentation in 'references/debugging.md' suggests fetching CI job logs to '/tmp/logs.txt'. This pattern involves moving data from a remote service to a local environment, which could contain sensitive information.
- [SAFE] (INFO): The 'apple/swift-configuration' library mentioned in 'references/swift-configuration.md' is from a trusted organization ('apple').
- [SAFE] (INFO): The skill includes security-positive patterns such as avoiding 'unsafeLoad' in 'SKILL.md' and implementing secret redaction in 'references/swift-configuration.md'.
Audit Metadata