ios-xcodegen
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of Markdown documentation. There are no associated scripts (.py, .js, .sh) or executable files included that could perform malicious actions.
- [Command Execution] (LOW): The skill instructs the agent to run the
xcodegen generatecommand. This is a standard operation for the tool described and does not involve suspicious or obfuscated parameters. - [Indirect Prompt Injection] (LOW): The skill is designed to process external configuration files (
project.yml,project.yaml). While this presents a theoretical attack surface where a malicious project file could attempt to influence agent behavior, the skill provides standard developer workflows. - Ingestion points:
project.yml,project.yamlfiles. - Boundary markers: Absent.
- Capability inventory: Instructs execution of
xcodegen generateand configuration of Xcode build settings. - Sanitization: None specified; relies on the agent's underlying safety filters and the developer's local environment.
Audit Metadata