appstore-submission-content

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
    • Ingestion points: The skill instructs the agent to read and extract information from multiple local project files, including README.md, package.json, Info.plist, source code comments, and various localization files (.strings, .arb, .xml).
    • Boundary markers: There are no defined delimiters or 'ignore' instructions provided to the agent to distinguish between project data and potential malicious commands embedded within those files.
    • Capability inventory: The skill's primary function is generating text output; it does not request or demonstrate dangerous capabilities such as executing shell commands, writing to the filesystem, or making network requests.
    • Sanitization: The skill does not implement any validation or sanitization logic to filter content extracted from project files before processing it.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 01:56 PM