Fastlane Expert
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill's primary function is to process and modify local iOS project files which can be influenced by third parties (e.g., via pull requests), while possessing high-privilege tools.
  * Ingestion points: reads local project files like Fastfile, Appfile, and metadata.
  * Boundary markers: Absent; no instructions to ignore embedded commands in project files.
  * Capability inventory: Bash tool (to run fastlane) and Edit tool (to modify scripts).
  * Sanitization: Absent.
- [Command Execution] (MEDIUM): Explicitly requires the Bash tool to execute Fastlane automation and potentially other system commands.
- [External Downloads] (MEDIUM): Directs the user to install third-party software via Homebrew (`brew install fastlane`), which is an external dependency from a non-whitelisted source.
Recommendations
- AI detected serious security threats
Audit Metadata