release-spec

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The AI agent's operations are limited to reading local documentation and generating a new release specification file based on that content.
  • [EXTERNAL_DOWNLOADS]: The skill provides references and links to official Apple developer resources and reputable industry tools for app optimization, design, and deployment.
  • [COMMAND_EXECUTION]: The skill generates documentation that includes setup and usage instructions for command-line tools such as Fastlane and Homebrew for the user's reference.
  • [PROMPT_INJECTION]: The skill reads various local project files (e.g., ARCHITECTURE.md) to gather information for the release spec. This represents a potential surface for indirect prompt injection, but it is necessary for the skill's primary function and is mitigated by the agent's restricted toolset and lack of network access.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:19 PM
Security Audit — agent-trust-hub — release-spec