pods
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
cocoapodsRuby gem and runpod install, which fetches external dependencies from the CocoaPods repository. These are standard operations for Apple platform development. - [COMMAND_EXECUTION]: The skill defines allowed tools for
Bash(pod *)andBash(cd *). This allows the agent to navigate the file system and execute CocoaPods commands necessary for dependency management. - [PROMPT_INJECTION]: The skill instructions are clear and do not contain any patterns attempting to override agent safety guidelines or system prompts.
- [DATA_EXPOSURE]: No sensitive file paths, hardcoded credentials, or unauthorized network exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill has a potential attack surface by processing local project files (
Podfile,Podfile.lock) that may contain external content in monorepo settings. - Ingestion points: Reads and processes configuration from
packages/app/ios/Podfileandpackages/app/macos/Podfilevia thepodtool. - Boundary markers: None present in the instructions.
- Capability inventory: Limited to directory navigation (
cd) and CocoaPods operations (pod). - Sanitization: Relies on the underlying
podandmelostools for command validation.
Audit Metadata