skills/rudrankriyam/foundation-models-framework-lab/foundation-models-app-builder/Gen Agent Trust Hub
foundation-models-app-builder
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides numerous Swift code recipes that are vulnerable to indirect prompt injection by interpolating untrusted user data directly into model prompts without sanitization or boundary markers.\n
- Ingestion points: User-provided strings such as
notesinreferences/architecture.md,textfrom receipts inreferences/dynamic-schemas.md,metricTextinreferences/healthkit.md, and retrieved document chunks inreferences/rag.md.\n - Boundary markers: Examples consistently use simple string interpolation (e.g.,
Prompt("Extract... \(text)")) without delimiters like XML tags or triple quotes, or specific instructions for the model to ignore embedded commands.\n - Capability inventory: The recipes demonstrate capabilities including model response generation and app-integrated tool calling (e.g., calculator, reminders).\n
- Sanitization: There is no evidence of input validation, escaping, or filtering of the interpolated content in the provided Swift snippets.\n- [COMMAND_EXECUTION]:
references/common-errors.mdincludes local build and test commands (xcodebuild,swift test) intended for use in the developer's project environment.
Audit Metadata