axiom-audit-iap
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of analytical instructions for auditing StoreKit implementation patterns and lacks any malicious triggers, persistence mechanisms, or exfiltration capabilities.
- [SAFE]: No hardcoded credentials, sensitive file access (e.g., SSH keys, AWS configuration), or risky network operations were detected.
- [SAFE]: The skill implements security best practices by explicitly excluding sensitive project directories, such as .claude and .claude-plugin, from its analysis scope.
- [SAFE]: The skill uses platform configuration (disable-model-invocation: true) to restrict the model's ability to invoke external tools autonomously, which reduces the potential attack surface.
Audit Metadata