hmos-multidevice-avoid-areas

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The instructions focus entirely on technical implementation of UI layouts. There are no attempts to override agent behavior, bypass safety filters, or extract system prompts.
  • [DATA_EXFILTRATION]: The skill does not contain hardcoded credentials, access sensitive file paths (e.g., SSH keys, environment files), or perform unauthorized network operations. Code examples use standard HarmonyOS APIs for UI context and display properties.
  • [REMOTE_CODE_EXECUTION]: No patterns of downloading and executing remote scripts (e.g., curl|bash) or using dynamic execution functions like eval() or exec() were found.
  • [COMMAND_EXECUTION]: The skill does not invoke shell commands. The ArkTS code samples are restricted to UI layout management and system window properties.
  • [OBFUSCATION]: No obfuscation techniques such as Base64 encoding of commands, zero-width characters, or homoglyphs were identified in the documentation or code assets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 11:57 AM
Security Audit — agent-trust-hub — hmos-multidevice-avoid-areas