skills/adamlyttleapps/claude-skill-app-onboarding-questoinnaire/app-onboarding-questionnaire/Gen Agent Trust Hub
app-onboarding-questionnaire
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs codebase analysis to understand app functionality, which is a required step for its primary purpose of designing onboarding flows.
- [SAFE]: Permission discovery involves scanning project configuration files such as Info.plist and AndroidManifest.xml solely to generate contextual onboarding screens for the user.
- [SAFE]: The skill utilizes the agent's memory system to maintain state throughout its multi-phase workflow, which is a standard platform feature for complex tasks.
- [SAFE]: Vulnerability Surface (Indirect Prompt Injection): The skill processes untrusted data from the user's codebase, which is an inherent property of coding assistant skills. 1. Ingestion points: User codebase (CLAUDE.md, README, UI files) read in Phase 1 (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: File-write and code generation across the project (SKILL.md, Phase 5). 4. Sanitization: Absent.
Audit Metadata