tipkit-generator

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill was analyzed across all ten threat categories and no security issues were found. Key findings include:
  • [PROMPT_INJECTION]: No evidence of role-play, DAN-style injections, or instructions to bypass safety guidelines was found.
  • [DATA_EXFILTRATION]: The skill does not access sensitive system files or perform network operations to untrusted domains. It focuses exclusively on project source code files.
  • [REMOTE_CODE_EXECUTION]: The skill generates static code from local templates and does not execute or download remote scripts.
  • [OBFUSCATION]: No encoded strings (Base64), zero-width characters, or homoglyph-based obfuscation techniques were detected.
  • [COMMAND_EXECUTION]: Shell tools like Glob and Grep are used appropriately for project context detection (searching for existing TipKit usage) and do not involve unsafe user input.
  • [PRIVILEGE_ESCALATION]: No commands requiring administrative privileges (sudo) or modifications to system permissions were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:18 PM
Security Audit — agent-trust-hub — tipkit-generator