deep-linking

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands (grep, find) to analyze the existing project structure and configuration files like Info.plist and .entitlements to detect existing deep link implementations.
  • [EXTERNAL_DOWNLOADS]: Includes a diagnostic curl command in the testing section for developers to verify the existence and headers of their own Apple App Site Association (AASA) file on their remote server.
  • [INDIRECT_PROMPT_INJECTION]: The skill generates code for handling external URL inputs (onOpenURL). While the templates focus on safe navigation and creation flows, deep link handlers represent an inherent attack surface that developers must secure against malicious external triggers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — deep-linking