ios-to-android
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill ingests untrusted source code from a user-provided path (Step 1), creating a surface for indirect prompt injection. Maliciously crafted comments or documentation in the source code could influence the agent's subsequent implementation steps. \n
- Ingestion points: User-provided iOS codebase path in Step 1. \n
- Boundary markers: Absent; the instructions do not require delimiters or specific instructions to ignore embedded natural language commands. \n
- Capability inventory: File system read access (Step 1), file system write access (Step 5), and asset copying (Step 6). \n
- Sanitization: No validation or sanitization is performed on the content read from the source files.
Audit Metadata