auditing-accessibility
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard shell utilities (`find`, `grep`) to search local source code for accessibility patterns and the `open` command to launch the Accessibility Inspector on macOS. These operations are restricted to the local environment and are necessary for the tool's auditing functionality.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and analyze untrusted source code from a target directory.
  - Ingestion points: Local Swift files identified via the `find` command and read through `grep`.
  - Boundary markers: Absent; there are no specific instructions or delimiters used to separate the source code content from the agent's instruction context.
  - Capability inventory: Shell access for searching the file system (`find`, `grep`) and launching authorized applications (`open`).
  - Sanitization: No sanitization or filtering of the source code content is performed prior to processing.
- [SAFE]: External links included in the documentation reference official and trusted sources, including Apple's Developer documentation (developer.apple.com) and the World Wide Web Consortium (w3.org) for WCAG standards.