release-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Security Audit] (SAFE): The skill provides comprehensive checklists for identifying common vulnerabilities such as hardcoded credentials, insecure data storage (UserDefaults instead of Keychain), and disabled SSL validation. It includes specific Grep patterns to help the agent locate these issues without executing the code.
- [Resource Access] (SAFE): Tool usage is limited to 'Read', 'Glob', and 'Grep', which are standard for file analysis tasks. No access to shell execution, network utilities, or privileged system operations is requested.
- [Privacy Compliance] (SAFE): Includes detailed checks for modern Apple privacy requirements, such as Privacy Manifests and App Tracking Transparency, ensuring the reviewed apps respect user data.
- [Behavioral Integrity] (SAFE): The skill is purely instructional and analytical. It contains no obfuscated code, persistence mechanisms, or attempts to bypass agent safety guidelines. The bash script examples provided in the checklists are documentation for the user and cannot be executed by the agent given its restricted toolset.