mobile-ux
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected in the markdown or code files.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network operations were identified.
- Obfuscation (SAFE): No Base64 encoding, zero-width characters, or homoglyph attacks were found; the content is clear and legible.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not download external scripts or packages. The included Python script uses standard libraries and the safe 'PyYAML' loader.
- Privilege Escalation & Persistence (SAFE): No commands for elevating privileges (like 'sudo') or establishing persistence (like cron jobs) were detected.
- Indirect Prompt Injection (SAFE): While the skill processes user-defined 'scope' strings, it does so for informational purposes and lacks capabilities that would allow for execution or data leakage.
- Dynamic Execution (SAFE): The skill uses static configurations and a validation script with 'yaml.safe_load()', avoiding unsafe deserialization or runtime code generation.
Audit Metadata