mobile-design

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a high-quality educational resource for mobile development, covering design systems, platform guidelines, and performance best practices. No malicious patterns were detected across the 14 files provided.
  • [COMMAND_EXECUTION]: The skill includes an auditing script scripts/mobile_audit.py. The instructions suggest the agent run this script to validate project code for UX and performance issues. Technical analysis of the script confirms it is restricted to local static analysis via regex patterns and does not possess network capabilities or perform unsafe system operations.
  • [PROMPT_INJECTION]: The documentation uses 'anti-memorization' and 'forbidden list' techniques in mobile-design-thinking.md. These are instructional design patterns meant to guide the AI toward context-aware decision making rather than relying on generic training defaults; they do not attempt to bypass safety filters or override core system instructions.
  • [DATA_EXFILTRATION]: No network operations or data exfiltration patterns were detected. The provided Python script only outputs results to the console and does not communicate with external servers.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or unsafe secret handling practices were found. The documentation correctly identifies storing tokens in AsyncStorage as a security risk and recommends standard secure storage practices.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 06:49 PM
Security Audit — agent-trust-hub — mobile-design