push-notifications
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill generates code designed to ingest and process push notification payloads from remote servers.
- Ingestion points:
NotificationPayload.swiftandNotificationDelegate.swiftingest data via theuserInfodictionary provided by the system. - Boundary markers: None present in the generated code templates.
- Capability inventory: The generated code includes navigation logic via
NotificationCenter, local notification scheduling, and placeholders for remote API interaction. - Sanitization: Input is parsed using standard type casting and URL initialization; however, deep links and resource IDs are used for routing without further validation.
- [COMMAND_EXECUTION]: The skill uses localized shell commands for environment discovery.
- Evidence:
SKILL.mdcontains hardcodedgrepandfindcommands to check for existing notification code and entitlements in the project directory. No user-supplied input is passed to these commands. - [EXTERNAL_DOWNLOADS]: The skill includes patterns for downloading notification attachments.
- Evidence: The
NotificationServiceExtensionexample inpush-notification-patterns.mddemonstrates how to download and attach images from URLs provided in a notification'simage_urlfield usingURLSession.
Audit Metadata