spatial-swiftui-developer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths (~/.ssh, ~/.aws, etc.) or hardcoded credentials detected. Network operations are limited to a placeholder URL (example.com) within a code snippet for loading 3D models.
- [Obfuscation] (SAFE): No evidence of Base64 encoding, zero-width characters, homoglyphs, or other obfuscation techniques.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No package installations (npm/pip) or remote script execution (curl|bash) patterns were identified.
- [Privilege Escalation] (SAFE): No commands for acquiring elevated privileges (sudo, chmod) are present.
- [Persistence Mechanisms] (SAFE): No attempts to modify shell profiles, cron jobs, or startup services.
- [Metadata Poisoning] (SAFE): Skill metadata is accurate and descriptive of its intended function without deceptive instructions.
- [Indirect Prompt Injection] (SAFE): The skill does not demonstrate surfaces for processing untrusted external data in an unsafe manner.
- [Time-Delayed / Conditional Attacks] (SAFE): No conditional logic or date-based triggers were found gating suspicious behaviors.
- [Dynamic Execution] (SAFE): No usage of runtime compilation, unsafe deserialization, or dynamic code generation.
Audit Metadata