swift-core-data
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): No malicious behaviors or security vulnerabilities were detected in the provided code files.\n- [COMMAND_EXECUTION] (SAFE): The script 'scripts/generate-model.sh' invokes 'xcodebuild' to process local project files. While this is a command execution, it is the intended primary purpose of the script and does not involve untrusted network data or privilege escalation.\n- [DATA_EXFILTRATION] (SAFE): No network operations or access to sensitive local file paths (such as SSH keys or environment variables) were found. All Core Data operations are local to the application's persistence container.\n- [INDIRECT_PROMPT_INJECTION] (LOW): The script 'scripts/generate-model.sh' takes a command-line argument ($1) but does not use it in the executable command, neutralizing potential injection vectors. Boundary markers are absent, but the lack of capability interpolation makes this surface non-exploitable.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata