Skills
NYC
skills/cap-go/capacitor-skills/ios-android-logs/Gen Agent Trust Hub

ios-android-logs

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation suggests installing an external tool using pip install pidcat. This package is not from a trusted organization or repository listed in the security policy. (Downgraded to LOW as it is a common utility for the skill's primary purpose).
  • COMMAND_EXECUTION (MEDIUM): The skill lists high-privilege commands such as adb bugreport, adb shell, and adb pull. These commands allow for deep inspection of a connected device, including the ability to read system files and execute arbitrary shell commands on the mobile OS. (Downgraded to LOW as these are standard debugging procedures).
  • PROMPT_INJECTION (LOW): This skill is vulnerable to Indirect Prompt Injection (Category 8).
  • Ingestion points: adb logcat and xcrun devicectl device log stream (SKILL.md).
  • Boundary markers: Absent; logs are streamed directly to the terminal/agent context.
  • Capability inventory: pip install, adb shell, adb bugreport, and file write operations (> logs.txt) (SKILL.md).
  • Sanitization: Absent; the skill does not suggest any method to filter or sanitize log content before processing, allowing potential malicious instructions in app logs to influence agent behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:12 PM