tipkit-generator
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill was analyzed across all ten threat categories and no security issues were found. Key findings include:
- [PROMPT_INJECTION]: No evidence of role-play, DAN-style injections, or instructions to bypass safety guidelines was found.
- [DATA_EXFILTRATION]: The skill does not access sensitive system files or perform network operations to untrusted domains. It focuses exclusively on project source code files.
- [REMOTE_CODE_EXECUTION]: The skill generates static code from local templates and does not execute or download remote scripts.
- [OBFUSCATION]: No encoded strings (Base64), zero-width characters, or homoglyph-based obfuscation techniques were detected.
- [COMMAND_EXECUTION]: Shell tools like
GlobandGrepare used appropriately for project context detection (searching for existing TipKit usage) and do not involve unsafe user input. - [PRIVILEGE_ESCALATION]: No commands requiring administrative privileges (
sudo) or modifications to system permissions were identified.
Audit Metadata