axiom-app-store-diag
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to process external data, specifically App Store rejection text and user-provided URLs, which introduces an attack surface for indirect prompt injection.
- Ingestion points: Rejection message text and support/privacy URLs referenced in SKILL.md.
- Boundary markers: No delimiters or isolation markers are defined for these inputs.
- Capability inventory: The skill utilizes shell commands including curl, grep, xcodebuild, security, and strings for local environment diagnostics.
- Sanitization: No input validation or sanitization routines are specified for the user-provided content.
- [COMMAND_EXECUTION]: Provides a series of shell commands for auditing project files and build configurations, which could be exploited if an attacker-controlled string is interpolated into a command.
- [EXTERNAL_DOWNLOADS]: Contains instructions to use curl for verifying the status of external web addresses.
Audit Metadata