axiom-axe-ref

[Skill Scanner] [Documentation context] Installation of third-party script detected The document is a legitimate reference for a local CLI tool that automates iOS Simulator UI using accessibility/HID APIs. Its capabilities (taps, typing, screenshots, video recording/streaming, UI tree inspection) align with the stated purpose. The main security considerations are: (1) AXe requires elevated access to simulator/accessibility APIs and may need entitlements; (2) installation via a user tap requires trusting that tap; and (3) recording/streaming features can capture sensitive information if misused. There is no evidence in this document of credential harvesting, network exfiltration, or malicious behavior. Overall, the content appears benign but with moderate operational security considerations around permissions and artifact handling. LLM verification: [LLM Escalated] The SKILL.md is a benign, clear usage guide for AXe CLI. The document itself contains no malicious code or secrets, but it instructs installing a third-party binary and documents powerful features (private-API control, screenshots, video/streaming) that amplify supply-chain and data-exposure risks if the AXe binary is compromised or untrusted. Treat installation as a moderate supply-chain risk: verify sources, prefer signed/pinned releases or build-from-source, and confine automation outputs and