apple-app-store-agent
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted user data (app name, description, features) and utilizes it to generate metadata files and drive script execution. This creates a surface for potential command injection or prompt subversion if input is not properly sanitized.\n
- Ingestion points: User-provided app information (name, bundle ID, features) in Step 1.\n
- Boundary markers: Absent; no delimiters or 'ignore' instructions are provided for user-supplied strings.\n
- Capability inventory: Execution of local Python scripts (
init_fastlane_structure.py,generate_screenshot_mockup.py, etc.) which likely perform file system and subprocess operations.\n - Sanitization: No sanitization or validation logic is described in the prompt-level instructions.\n- Command Execution (SAFE): The skill legitimately uses command-line execution of Python scripts to automate folder creation and image processing, which is consistent with its primary purpose.
Audit Metadata