spm-build-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides and uses a Python script (scripts/check_spm_pins.py) to automate dependency auditing. The script runs the local git command through subprocess.run with safe argument handling (a list of arguments, no shell) to query remote repository information as part of the intended analysis flow.
- [EXTERNAL_DOWNLOADS]: The check_spm_pins.py script performs network operations via git ls-remote to fetch tag data from remote repositories. The target URLs are taken directly from the user's project configuration (project.pbxproj), and the operation is strictly limited to metadata retrieval for dependency analysis; no code or artifacts are downloaded.
Audit Metadata