ios-simulator-skill
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE] (SAFE): The skill performs expected development tasks using legitimate system utilities for iOS automation.
- [COMMAND_EXECUTION] (SAFE): All subprocess calls (e.g., in app_launcher.py and idb_utils.py) use list-based arguments, which is a secure method to prevent shell injection vulnerabilities.
- [PROMPT_INJECTION] (LOW): The skill analyzes UI hierarchies from simulated apps via idb_utils.py. While these labels constitute untrusted data that could be used for indirect prompt injection, this is inherent to the testing use case and no specific exploit was observed.
- [DATA_EXFILTRATION] (SAFE): No unauthorized file access or suspicious external network communications were detected. Local storage is restricted to skill-specific directories.
- [EXTERNAL_DOWNLOADS] (SAFE): Dependency installation (idb and pillow) is handled manually by the user following documentation, rather than being automated via potentially unsafe remote scripts.
Audit Metadata