test-xcode
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of the 'xcodebuildmcp' package from the NPM registry. This is a vendor-owned resource required for the skill's functionality.
- [COMMAND_EXECUTION]: The skill automates building and testing iOS apps via Xcode command-line utilities. These actions are appropriate for the skill's stated purpose.
- [PROMPT_INJECTION]: The skill processes simulator log data, which is a surface for indirect prompt injection. 1. Ingestion points: Simulator logs (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: App build, install, and execution (SKILL.md). 4. Sanitization: Absent.
Audit Metadata