ios-data
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions attempt to override agent behavior or safety protocols within the markdown curriculum or guides.
- Data Exposure & Exfiltration (SAFE): No sensitive file access, hardcoded credentials, or network requests were found; the Keychain and CloudKit sections are instructional rather than active exfiltration scripts.
- Obfuscation (SAFE): All code and documentation are provided in clear text with no encoded or hidden segments.
- Unverifiable Dependencies & RCE (SAFE): The provided Python script uses standard libraries and safe parsing methods (yaml.safe_load) for local file validation.
- Indirect Prompt Injection (SAFE): The skill logic is restricted to validating its own internal configuration and does not process untrusted external data in an executable context.
Audit Metadata