ios-dev
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation includes shell commands for the agent to execute using
xcrun simctlandsips. These commands are used to take and resize screenshots of the iOS simulator for the purpose of visual quality assurance during the development loop. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and act upon user-supplied requirements while maintaining shell execution capabilities.
- Ingestion points: User-provided requirements for iOS screens, components, and views within the SKILL.md processing logic.
- Boundary markers: Absent; the instructions do not define delimiters or specific safety warnings to disregard instructions within the user-provided content.
- Capability inventory: Shell execution of simulator management and image processing tools (
xcrun,sips) as described in the 'Development Loop' section of SKILL.md. - Sanitization: Absent; there are no documented steps for validating or escaping user input before it influences the agent's actions.
Audit Metadata