swiftui-expert-skill
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to review and improve existing SwiftUI code provided by the user, which creates a surface for indirect prompt injection. Malicious instructions embedded in the source code under review could potentially influence the agent's behavior.
- Ingestion points: Untrusted user code enters the agent context through the review and refactoring workflows specified in
SKILL.md. - Boundary markers: The skill does not provide explicit delimiters (e.g., XML tags or triple quotes) or specific 'ignore embedded instructions' warnings for the code it processes.
- Capability inventory: The agent utilizing this skill typically possesses the capability to read/write files and execute commands within the developer's environment.
- Sanitization: The skill does not instruct the agent to sanitize or validate the content of the SwiftUI code before processing it.
- [EXTERNAL_DOWNLOADS]: The
README.mdfile contains instructions for installing the skill usingnpx skills addand adding plugins to Claude Code, which involve downloading content from an external GitHub repository (github.com/avdlee/swiftui-agent-skill). These references point to the skill's own source and distribution platform.
Audit Metadata