appkit-bridge
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): The instructions are strictly limited to technical constraints and best practices for SwiftUI/AppKit integration. No bypass or override patterns were detected.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, credentials, or network calls are present in the provided code snippets. All operations are local UI-focused logic.
- Obfuscation (SAFE): The content is clear-text markdown and Swift code with no evidence of encoding, zero-width characters, or homoglyphs.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not reference external package managers (npm, pip) or use shell commands to download and execute remote scripts.
- Indirect Prompt Injection (SAFE): The skill acts as a static reference for UI development. It does not ingest external data or provide an attack surface for data-driven instruction injection.
- Dynamic Execution (SAFE): The code snippets use standard, compiled Swift APIs. There is no use of unsafe deserialization, runtime code generation, or reflective execution of untrusted input.
Audit Metadata