rejection-handler
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, prompt injections, or unauthorized system access commands were detected in the skill instructions.
- [SAFE]: The skill uses a restricted set of tools (Read, Glob, Grep, AskUserQuestion) that does not allow for dangerous operations such as network exfiltration or arbitrary command execution.
- [SAFE]: All external references, such as the Apple developer portal, point to trusted domains and are provided for the user's manual use rather than automated fetching by the agent.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted user input in the form of App Store rejection notices. However, the risk is mitigated by the absence of high-privilege tools (no shell or network access) and the use of predefined output templates. Ingestion points: User-provided rejection messages collected via AskUserQuestion in SKILL.md. Boundary markers: None explicitly defined. Capability inventory: Read, Glob, Grep, AskUserQuestion. Sanitization: None.
Audit Metadata