Skills
skills/oimiragieo/agent-studio/mobile-ui-development-rule/Gen Agent Trust Hub

mobile-ui-development-rule

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is configured to ingest and process external code files matching the glob **/mobile/**/*.* using Read, Write, and Edit tools. This creates an indirect prompt injection surface where malicious instructions embedded in the mobile source code could attempt to influence the agent's behavior.
  • Ingestion points: Source files matching **/mobile/**/*.* referenced in SKILL.md.
  • Boundary markers: None identified in the provided instructions.
  • Capability inventory: Access to Read, Write, and Edit tools as defined in SKILL.md.
  • Sanitization: No explicit sanitization, escaping, or validation of the processed file content is documented.
  • [COMMAND_EXECUTION]: The SKILL.md file contains a 'Memory Protocol' section that instructs the agent to execute a shell command (cat .claude/context/memory/learnings.md) to retrieve state information. While the command targets internal context files and is intended for state management, it represents a direct command execution instruction.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 02:04 PM