apple-crash-symbolication
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- External Downloads: The skill fetches .dwarf symbol files from the Microsoft symbol server (msdl.microsoft.com). This is a standard resource for obtaining debug information for the .NET runtime.
- Command Execution: The workflow utilizes standard macOS developer tools, including
atos,dwarfdump, andxcrun, to map memory addresses to source code. - Data Ingestion: The skill parses .ips crash logs, incorporating logic to manage specific JSON formatting structures found in these reports.
- Indirect Prompt Injection Surface: (1) Ingestion points: User-provided .ips crash logs. (2) Boundary markers: The script verifies basic JSON structure by checking the first line of the crash file. (3) Capability inventory: Executes system commands (
atos,dwarfdump) and performs network requests viaInvoke-WebRequest. (4) Sanitization: Validates the binary header of downloaded files to ensure they are valid Mach-O binaries.
Audit Metadata