ios-pentesting-tricks
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references standard third-party mobile security tools including frida-ios-dump, bagbak, and keychain-dumper. These are utilized for decrypting application binaries and dumping keychain data from connected iOS devices.
- [COMMAND_EXECUTION]: Utilizes a variety of command-line utilities for environment assessment and binary analysis, such as ideviceinstaller, ios-deploy, otool, plutil, and sqlite3. It also includes extensive Frida and Objection commands for runtime instrumentation, method hooking, and security control bypasses (e.g., jailbreak detection and SSL pinning).
- [DATA_EXFILTRATION]: Provides instructions for accessing and extracting sensitive information from a target iOS application, such as NSUserDefaults plists, SQLite databases, and system keychain items. This behavior is aligned with the skill's primary purpose for security research and mobile application auditing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data from external sources like apple-app-site-association (AASA) files and IPA metadata.
  - Ingestion points: Processes remote AASA JSON files and application Info.plist XML files.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are present when analyzing these files.
  - Capability inventory: The skill allows the agent to execute shell commands and file system operations based on the results of the analysis.
  - Sanitization: There is no evidence of validation or sanitization for the data ingested from analyzed applications.
Audit Metadata