ios-pentest
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of various CLI tools for device interaction and binary analysis, including
frida,objection,ideviceinstaller, andssh. These are essential for the skill's stated purpose of mobile penetration testing. - [EXTERNAL_DOWNLOADS]: The skill recommends installing security tools from well-known sources via
pip(frida-tools, objection) andbrew(libimobiledevice, ios-deploy). It also references the@anthropic/mobile-mcppackage, which is hosted by a trusted organization. - [REMOTE_CODE_EXECUTION]: The skill includes multiple local JavaScript files designed for use with the Frida instrumentation framework. These scripts perform runtime hooking and modification of application logic (e.g., bypassing biometrics or SSL pinning). While this involves dynamic execution, it is the primary intended functionality of a penetration testing skill and is documented as such.
Audit Metadata