generating-swift-package-docs

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes untrusted data from external Swift package repositories, which could contain instructions designed to influence the AI agent.
      • Ingestion points: scripts/generate_docs.py (line 98) reads all markdown files generated by interfazzle and the package's README.md file.
      • Boundary markers: Absent. The content is concatenated directly without delimiters or safety warnings for the agent.
      • Capability inventory: The script writes the documentation to the project filesystem; the agent is instructed by SKILL.md to read these files to answer user questions.
      • Sanitization: No sanitization or validation is performed on the markdown content before it is presented to the agent.
  • Data Exposure (LOW): The skill accesses the user's Xcode DerivedData directory to retrieve package information.
      • Evidence: scripts/swift_packages.py (line 38) accesses ~/Library/Developer/Xcode/DerivedData.
      • Context: Access to this directory is necessary for the skill's primary purpose and does not target sensitive credential files.
  • Command Execution (SAFE): The script executes git and interfazzle using the subprocess module.
      • Evidence: scripts/generate_docs.py (line 39) uses subprocess.run with list arguments.
      • Context: This is a secure implementation that avoids shell injection vulnerabilities.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 05:47 PM