ios-deploy
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent on using command-line tools such as `xcodebuild` and `fastlane`. It includes a reference to `fastcode sign --force`, which appears to be a typographical error for the standard macOS `codesign` utility.
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the `fastlane` dependency via the RubyGems package manager.
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection (Category 8).
  - Ingestion points: Untrusted external content is ingested via the `changelog` parameter in the TestFlight upload workflow.
  - Boundary markers: The instructions lack specific delimiters or system-level directives to prevent the agent from executing instructions that may be embedded in changelog text.
  - Capability inventory: The skill has broad capabilities to execute shell commands and interact with Apple APIs through established toolchains.
  - Sanitization: There is no specified logic for sanitizing or escaping the content of strings processed during the deployment pipeline.
- [NO_CODE]: The skill consists solely of markdown instructions and does not ship with standalone scripts, binary executables, or configuration files.