apple-docs
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions specify using the
Bashtool to executeapple-docscommands, which is the primary method for the agent to retrieve documentation (SKILL.md). - [EXTERNAL_DOWNLOADS]: The project depends on the
@kimsungwhee/apple-docs-mcppackage from the NPM registry to perform its core functionality (package.json). - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to its interaction with external web content.
- Ingestion points: External documentation content is retrieved from
developer.apple.comvia commands such asdoc,search, andwwdc-video(SKILL.md, .claude/commands/apple-docs.md). - Boundary markers: There are no explicit markers or instructions provided in the skill prompt to separate fetched data from the agent's core instructions or to prevent the agent from following instructions embedded in the documentation (SKILL.md).
- Capability inventory: The skill relies on the
Bashtool to execute all of its operations (SKILL.md). - Sanitization: No sanitization or filtering of the retrieved documentation content is performed before it is presented to the agent (src/cli.ts).
Audit Metadata