axiom-apple-docs

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves framework documentation from https://sosumi.ai/. This is a third-party domain and not an official Apple documentation source.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to interact with the local file system.
      • Evidence: ls -lt ~/Library/Caches/superpowers/browser/*/session-* | head -5 in skills/apple-docs-research.md is used to locate and read session files.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data from external sources and local cache files.
      • Ingestion points: Reads documentation from sosumi.ai, WWDC transcripts from developer.apple.com, and session files from ~/Library/Caches/superpowers/browser/.
      • Boundary markers: None identified. There are no instructions for the agent to distinguish between its core logic and instructions potentially embedded in the fetched documentation.
      • Capability inventory: The skill has the capability to execute shell commands (ls) and read local files.
      • Sanitization: None identified. The skill instructs the agent to "reconstruct the code yourself" based on transcript descriptions, which could be manipulated if the transcript content is poisoned.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 01:17 PM