swiftui

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides patterns for integrating WebKit, which creates an indirect prompt injection surface for external web content.
  • Ingestion points: Untrusted data enters the agent context through WebView loading URLs, HTML strings, and data blobs as described in webkit/SKILL.md and webkit/navigation.md.
  • Boundary markers: The NavigationDeciding protocol is documented to intercept and filter navigation requests, serving as a boundary for untrusted content (webkit/navigation.md).
  • Capability inventory: The skill includes capabilities to execute JavaScript (callJavaScript) and intercept navigation requests (NavigationDeciding) across its web-related scripts.
  • Sanitization: The documentation provides best practices for sanitization, specifically recommending the use of named arguments in JavaScript calls to prevent injection and utilizing WKContentWorld for execution isolation (webkit/javascript-advanced.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 11:17 PM
Security Audit — agent-trust-hub — swiftui