The Agent Skills Directory

[COMMAND_EXECUTION]: The skill core functionality relies on executing shell commands via Python's subprocess module to drive iOS simulator tools (xcrun simctl, idb, xcodebuild). Analysis confirms that these commands are constructed using argument lists rather than raw shell strings, which is a secure practice that prevents command injection. Static analyzer flags for subprocess usage are confirmed as benign functional requirements for this category of developer tool.
[DATA_EXPOSURE_AND_EXFILTRATION]: The scripts are designed to capture simulator data, including screenshots, UI hierarchy trees, and system logs, for testing and debugging purposes. These artifacts are stored locally in the user's home directory (~/.ios-simulator-skill) or in designated output folders. No hardcoded credentials or unauthorized network exfiltration attempts were found.
[INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data via scripts that read UI element labels (navigator.py, screen_mapper.py) and application logs (log_monitor.py). While this data could theoretically contain malicious instructions from a third-party app being tested, the skill's architecture minimizes risk by outputting structured data and limiting the agent's capability to safe automation tasks.
[DYNAMIC_EXECUTION]: The skill uses a dynamic import for the datetime module in sim_list.py and generates temporary JSON payloads for push notifications. These patterns are verified as benign and necessary for the skill's utility and performance optimizations.

ios-simulator-skill