feature-flags

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill generates infrastructure for fetching remote configurations, creating a surface for indirect prompt injection. A compromised remote server could provide malicious data that influences application behavior via the generated flag toggles.
  • Ingestion points: The generated RemoteFeatureFlagProvider.swift template fetches JSON configuration from a remote URL.
  • Boundary markers: Data ingestion is constrained by a predefined FeatureFlag enum and extracted via typed getter methods (e.g., boolValue, stringValue).
  • Capability inventory: The generated infrastructure includes network access via URLSession and local file writes for disk caching.
  • Sanitization: The code utilizes standard JSONSerialization and JSONDecoder for data validation and structure enforcement.
  • [DATA_EXFILTRATION]: The generated code includes networking capabilities to fetch data from remote endpoints and file system access to cache configuration values locally.
  • The RemoteFeatureFlagProvider.swift template performs network requests using URLSession to communicate with user-defined servers.
  • Configuration data is persisted to a feature_flags_cache.json file within the application's cache directory.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — feature-flags