live-activity-generator
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows standard iOS development practices and uses official Apple APIs for ActivityKit. No malicious patterns or unauthorized behaviors were detected during analysis.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it incorporates user-provided answers into generated code templates.
- Ingestion points: User responses to configuration questions (e.g., activity purpose, data fields) gathered via
AskUserQuestion(SKILL.md). - Boundary markers: None identified in the prompt interpolation logic.
- Capability inventory:
Write,Edit, andBashtools for file manipulation (SKILL.md). - Sanitization: No explicit sanitization or validation of user input is specified before it is injected into the generated Swift files.
- Risk Factor: Malicious user input could potentially result in the generation of malformed or malicious source code, though this is a common characteristic of code-generation utilities.
Audit Metadata