xcode-build
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard configurations for Xcode projects and CI/CD automation. It contains no malicious instructions or hidden payloads.
- [COMMAND_EXECUTION]: The skill includes routine shell commands for Xcode builds (xcodebuild), certificate management (security), and dependency resolution (Homebrew, CocoaPods, Swift Package Manager). These commands are standard for the intended primary purpose of the skill.
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill correctly advises using environment variables and CI secrets for sensitive data like certificates and API keys. It avoids hardcoding credentials and uses placeholders like 'YOUR_TEAM_ID' for documentation purposes.
- [EXTERNAL_DOWNLOADS]: The skill references well-known services and tools including GitHub Actions, Fastlane, Firebase, and standard package managers. These references are documented neutrally and follow standard development workflows.
- [DYNAMIC_EXECUTION]: A script example is provided to generate a configuration file during the build process. This is a common and safe architectural pattern for injecting build-time constants into an application.
Audit Metadata