claude-mobile-ios-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions use strong language for tool guidance (e.g., 'WRONG', 'RED FLAGS'), but these are benign directives intended to ensure the agent uses the correct testing utilities rather than attempting to bypass safety filters.
- [Data Exposure & Exfiltration] (SAFE): No sensitive credentials or exfiltration attempts were detected. The skill includes a hardcoded local file path to a build artifact (/Users/nick/Desktop/...), which appears to be a context-specific example for simulator installation and does not expose system-level secrets.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references 'expo-mcp' and 'xc-mcp' as tool providers for mobile testing functions. It does not contain instructions to download or execute unverified third-party scripts or packages.
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and analyze UI screenshots and accessibility trees. While this creates an ingestion surface for untrusted application data, the primary purpose is autonomous visual verification, and no high-severity capability is exposed to this data without oversight.