swiftui-webkit
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill provides the ability to process untrusted external content, creating a vulnerability surface. 1. Ingestion points:
WebViewandpage.loadmethods inSKILL.mdaccept arbitrary URLs and HTML strings. 2. Boundary markers: No delimiters or isolation instructions are present in the provided snippets. 3. Capability inventory:callJavaScript,snapshot,pdf, andwebArchiveDatamethods (SKILL.md) allow extraction of data from the browser context. 4. Sanitization: The skill lacks examples of content validation or output sanitization.
Audit Metadata