virtual-agent/ios
Pass
Audited by Gen Agent Trust Hub on May 31, 2026
Risk Level: SAFE
Full Analysis
- JavaScript Injection via WKUserScript: The skill describes using
WKUserScriptto inject JavaScript into aWKWebView. While dynamic script injection is a powerful feature, the implementation described follows official platform guidelines for bridging native Swift/Objective-C code with web content. - Message Handler Communication: The skill demonstrates how to register
WKScriptMessageHandlerto receive data from web content. It correctly notes that these handlers should be registered before navigation begins to ensure reliable communication. - URL Routing Policy: The documentation highlights the importance of using navigation delegates (
decidePolicyForNavigationAction) to manage how different URLs are handled (e.g., in-app vs. system browser), which is a key security best practice for mobile web views. - Trusted Documentation Links: All external references point to official documentation at
developers.zoom.us, which is an established and trusted domain for developer resources.
Audit Metadata