swiftuimigrator-project-setup
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local development commands associated with the Tuist build tool.
- Evidence: It triggers 'tuist generate --no-open' and 'tuist build'. These are well-known commands for the intended purpose.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) through the processing of local project files.
- Ingestion points: The skill instructs the agent to locate and inspect 'Project.swift', 'Info.plist', 'LaunchScreen.storyboard', and 'AppDelegate.swift'.
- Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present when reading these files.
- Capability inventory: The skill can create new files ('App.swift', 'SplashScreen.swift'), modify existing code ('AppDelegate.swift'), and execute shell commands ('tuist generate', 'tuist build').
- Sanitization: No sanitization or validation of the content read from the project files is performed before it is used to inform code generation or command execution.
Audit Metadata