hig-foundations
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill instructions create a vulnerability surface for indirect prompt injection by directing the agent to ingest data from a local environment file. • Ingestion points: The skill body in SKILL.md instructs the agent to check for and use content from '.claude/apple-design-context.md'. • Boundary markers: There are no instructions to treat the content of the context file as data only or to ignore instructions embedded within it. • Capability inventory: The skill implies file reading capabilities to fulfill its instructions. • Sanitization: No sanitization or validation of the ingested content is defined.
- [EXTERNAL_DOWNLOADS]: The skill references various external resources for documentation and assets. • Fetches images and design documentation from official Apple developer domains. • References accessibility plugins from Apple's official public GitHub repository.
Audit Metadata