promoted-iap
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to generate boilerplate Swift code for StoreKit 2 integration. Analysis of the instructions and templates shows no malicious intent or suspicious patterns.
- [COMMAND_EXECUTION]: The skill uses
Bash,Glob, andGreptools. These are employed for legitimate project maintenance tasks, such as checking for existing StoreKit implementations and determining the directory structure for file output. - [DATA_EXFILTRATION]: There are no network-enabled tools or commands (e.g.,
curl,wget) used for external communication. The skill operates entirely on the local project environment. - [CREDENTIALS_UNSAFE]: No hardcoded secrets, API keys, or sensitive credential access patterns were found in the skill or its associated templates.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or packages. It relies on a local
templates.mdfile to provide code snippets to the agent.
Audit Metadata