Skills
skills/vladimirbrejcha/ios-ai-skills/silent-pushes-setup/Gen Agent Trust Hub

silent-pushes-setup

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill contains several shell commands intended for debugging iOS application environments.
  • Evidence: codesign -d --entitlements :- ... is used to verify entitlements in the signed app binary.
  • Evidence: openssl and plutil are used to inspect the provisioning profile of the application.
  • Evidence: npx wrangler d1 execute is used to query a Cloudflare D1 database for push token verification. These are standard developer operations and do not target sensitive user files or perform unauthorized actions.
  • EXTERNAL_DOWNLOADS (SAFE): The skill references documentation from trusted sources.
  • Evidence: Links to developer.apple.com for APNs documentation.
  • Evidence: Links to developers.openai.com for Codex skills documentation. These are considered trustworthy domains.
  • INDIRECT_PROMPT_INJECTION (SAFE): The skill possesses a surface for indirect prompt injection by reading output from CLI tools and database queries.
  • Ingestion points: Output from codesign and wrangler d1 execute commands.
  • Boundary markers: Not explicitly defined in the CLI command sequence.
  • Capability inventory: Local command execution (codesign, openssl, plutil) and remote database querying (wrangler).
  • Sanitization: None present, but the operations are limited to read-only debugging tasks within the developer's own environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 04:26 PM