Back to skill

Security audit

Swiftui Liquid Glass

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only SwiftUI guidance skill with no evidence of hidden access, execution, persistence, or data handling.

Reasonable to install as a SwiftUI reference skill. Review generated code normally, especially iOS 26 availability checks and current Apple API details, and be aware the guide may activate for some broad Apple design requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The line 'You should always seek guides on Liquid Glass when asked for help adopting new Apple design' broadens the skill beyond its stated scope and can bias routing toward this skill for generic Apple design requests. In an agent system, overly broad activation guidance can cause incorrect tool selection, reducing reliability and potentially leading the model to apply irrelevant platform-specific advice in contexts where it should defer to a more appropriate skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.