axiom-xcode-mcp-tools

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill describes workflows involving tools for file system modification (XcodeRM, XcodeMV) and the execution of Swift code snippets (ExecuteSnippet). It proactively manages risk by instructing the agent to require user confirmation for destructive operations and warning that snippet execution occurs in a REPL environment where outputs should be treated as untrusted.
  • [EXTERNAL_DOWNLOADS]: The documentation includes a reference to an external third-party repository on GitHub (SoundBlaster/XcodeMCPWrapper). This is presented as a workaround for addressing technical compatibility issues between the MCP bridge and specific client configurations.
  • [PROMPT_INJECTION]: The skill defines automated logic (BuildFix and TestFix loops) that processes external data sources including build logs, compiler diagnostics from the Issue Navigator, and project source code. This introduces a surface for indirect prompt injection, as the agent is instructed to iteratively modify code based on the contents of these external inputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 11:30 PM