hig-components-search
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed entirely of Markdown documentation and YAML metadata. There are no executable scripts (.py, .js, .sh), binaries, or configuration files that trigger command execution.
- [DATA_EXFILTRATION] (SAFE): No network operations or commands to access sensitive local files (e.g., credentials, SSH keys) were found. References to external websites are limited to documentation links and image assets on trusted Apple domains.
- [PROMPT_INJECTION] (SAFE): The instructions are purely functional for guiding the agent on how to use the provided documentation. There are no attempts to override system prompts, bypass safety filters, or extract sensitive instructions.
- [EXTERNAL_DOWNLOADS] (SAFE): No package managers (npm, pip) or remote script execution patterns (curl | bash) are utilized. Asset URLs point to legitimate 'developer.apple.com' subdomains.
- [SAFE] (SAFE): After a thorough review of all files, including metadata and reference documentation, no malicious patterns or security risks were identified.
Audit Metadata