Skills
skills/terryc21/xcode-workflow-skills/tech-talk-reportcard/Gen Agent Trust Hub

tech-talk-reportcard

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute multiple search commands using the Grep and Glob tools. These commands scan the filesystem for patterns related to code quality, security, and performance across the project's source files.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the user's codebase.
  • Ingestion points: The agent reads arbitrary Swift source files (**/*.swift) and project-specific documentation (CLAUDE.md).
  • Boundary markers: There are no explicit delimiters or system-level instructions provided to ensure the agent ignores or treats embedded instructions within the analyzed code as data rather than instructions.
  • Capability inventory: The skill utilizes Read, Write, Grep, and Glob tools, enabling it to inspect the filesystem and persist its findings to local storage in the .agents/research/ directory.
  • Sanitization: The skill does not implement any sanitization, filtering, or validation of the content read from the source files before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 07:58 PM