Skills
skills/dpearson2699/swift-ios-skills/contacts-framework/Gen Agent Trust Hub

contacts-framework

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill provides code for fetching and enumerating all records in the user's Contacts database via CNContactStore. This creates a data exposure risk where an agent could access personal details like names, addresses, and phone numbers. Although the skill includes the necessary requestAccess logic, the resulting data access is broad and sensitive.\n- [PROMPT_INJECTION]: The skill enables the ingestion of untrusted data from contact records, which serves as a vector for indirect prompt injection.\n
  • Ingestion points: Contact records fetched through unifiedContacts and enumerateContacts in SKILL.md and references/contacts-patterns.md.\n
  • Boundary markers: Absent; the code snippets do not demonstrate the use of delimiters or instructions to ignore potential commands embedded in contact fields.\n
  • Capability inventory: The skill includes file system write capabilities in references/contacts-patterns.md via data.write(to: url) for exporting vCards, along with standard UI presentation tools.\n
  • Sanitization: Absent; contact properties are processed and displayed directly without validation or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 09:37 AM