create-revenuecat-project
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses a defined set of tools belonging to the RevenueCat MCP server to perform legitimate project configuration tasks such as creating apps, products, and entitlements.
- [DATA_EXPOSURE]: The skill instructions involve retrieving public API keys and identifiers (Bundle IDs), which is consistent with the standard setup process for RevenueCat and does not expose sensitive secrets.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from user responses (platforms, business models) and tool outputs (project lists). While it lacks explicit boundary markers for this data interpolation, the capabilities are restricted to vendor-provided management tools, representing a typical and low-risk interaction pattern.
Audit Metadata