universal-links-deep-linking
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill serves as a comprehensive guide for setting up deep linking on iOS and Android using standard protocols.
- [COMMAND_EXECUTION]: The documentation includes standard
curl,keytool, andadbcommands. These are used strictly for local verification of the setup and inspection of public configuration files (AASA and assetlinks.json), posing no security risk. - [REMOTE_CODE_EXECUTION]: No remote code execution or unsafe script injection patterns were found. The provided Next.js route handler (
aasa-route.ts) is a static implementation for serving JSON configuration with the correct headers. - [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were identified. The instructions correctly guide the user to their own official developer portals for necessary identifiers (Apple Team ID and Android fingerprints).
Audit Metadata