axiom-audit-spritekit

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates solely as a static analyzer for SpriteKit source code. It does not perform network operations, access sensitive credentials, or execute code.
  • [SAFE]: The skill follows security best practices by explicitly excluding dependency directories (Pods, Carthage) and build artifacts (DerivedData, .build) from its search scope, reducing the risk of accidental exposure of secrets in those paths.
  • [SAFE]: All referenced resources and external identifiers belong to the same 'axiom' suite of game development utilities managed by the author, representing legitimate vendor functionality.
  • [SAFE]: Although the skill processes untrusted code for analysis, it lacks the necessary capabilities (such as network access or file-writing) to enable data exfiltration or other malicious outcomes via indirect prompt injection.
    1. Ingestion points: Local Swift files via glob patterns.
    2. Boundary markers: Absent.
    3. Capability inventory: Static analysis via Grep and Glob; reporting only.
    4. Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 26, 2026, 12:45 AM