build-dmg
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The helper script "build-dmg.sh" executes several macOS system utilities including "xcodebuild", "hdiutil", "PlistBuddy", and "osascript". These tools are used to automate the application packaging lifecycle, including compilation, disk image creation, and Finder window styling.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted metadata from the project environment which can influence script execution.
- Ingestion points: The skill reads application metadata such as names and versions from "package.json", "project.yml", "VERSION", and "Info.plist" files within the project being processed.
- Boundary markers: None. The values extracted from these files are used directly to populate shell environment variables and script templates without delimiters or warnings.
- Capability inventory: The script performs file system operations ("rm -rf", "cp") and has the capability to execute arbitrary shell commands through the "osascript" tool (via the "do shell script" command).
- Sanitization: No sanitization is performed on the "APP_NAME" or "VERSION" strings before they are interpolated into the "osascript" heredoc. A crafted application name containing AppleScript escape sequences could potentially execute unauthorized shell commands on the user's machine during the build process.
Audit Metadata