axe-ios-simulator

[Skill Scanner] Installation of third-party script detected This SKILL.md describes a local iOS Simulator automation CLI whose capabilities (HID input, Accessibility tree reads, screenshots/video) are coherent with its stated purpose. There is no evidence in the documentation of network exfiltration, obfuscation, or hidden backdoors. The main risks are: (1) local sensitive data exposure because describe-ui, screenshots, and recorded video can capture secrets visible in the Simulator; and (2) supply-chain trust in a third-party Homebrew tap (cameroncooke) — installing a binary from a personal tap carries more risk than an official repo. Overall, the document appears benign in intent and functionality, but installing the binary should be done with normal supply-chain precautions (verify maintainer, formula, signatures). LLM verification: The documentation describes a legitimate and coherent iOS Simulator automation tool whose features (HID injection, accessibility inspection, screenshots/video, streaming) align with its purpose. There are no explicit malicious indicators within the provided documentation itself. The primary risk is supply‑chain and operational: the binary is distributed via a third‑party Homebrew tap and exposes high‑impact capabilities that could be abused to exfiltrate sensitive data (screenshots/video/stdout)