implementation-guide

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to transform project specifications (PRD, Architecture, UX) into a structured implementation guide. It uses standard file operations within the permitted scope.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive data access or unauthorized exfiltration patterns were found. The skill references well-known placeholder domains and official GitHub repositories for established iOS libraries (Alamofire, Kingfisher) which are considered safe sources.
  • [EXTERNAL_DOWNLOADS]: The skill mentions external dependencies in the context of developer instructions. These references target trusted repositories and well-known services, posing no risk to the execution environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input from external documentation files (e.g., docs/PRD.md). While this presents a surface for indirect prompt injection, the impact is limited to the generated documentation, and the risk is assessed as low given the skill's specific purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — implementation-guide