xcodebuildmcp-cli

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill directs the agent to use the xcodebuildmcp CLI for system-level tasks such as building, running, and debugging applications. This is a legitimate developer workflow but requires granting the agent extensive shell access.
  • [PROMPT_INJECTION] (LOW): The skill represents a surface for Indirect Prompt Injection as it ingests and processes data from external sources that could be controlled by an attacker.
      • Ingestion points: The agent processes project files (.xcodeproj, .xcworkspace), application logs, and UI accessibility trees.
      • Boundary markers: The instructions do not specify any delimiters or warnings to help the agent distinguish between data and instructions.
      • Capability inventory: The CLI provides capabilities for file system modification, process execution, and debugger attachment.
      • Sanitization: There is no evidence of sanitization or validation of the content of project files or logs before they are processed by the agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 17, 2026, 07:32 PM