spotlight-indexing

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill generates standard, production-ready Swift code for Core Spotlight, adhering to Apple's framework guidelines.
  • [DATA_EXFILTRATION]: No network activity or data exfiltration patterns were identified. The skill explicitly emphasizes that Core Spotlight indexes are stored locally on-device and provides instructions for cleaning up the index during logout or account switching.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret handling were found. The skill includes explicit documentation advising developers never to index sensitive data such as passwords or API keys.
  • [PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected in the instructions or metadata.
  • [COMMAND_EXECUTION]: The skill uses read-only tools like Glob and Grep to detect project context and does not execute arbitrary or dangerous shell commands.
  • [SAFE]: The skill includes comprehensive privacy and security considerations, guiding the user on how to handle user data responsibly within the Spotlight index.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — spotlight-indexing