ios-debugger-agent

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses dedicated XcodeBuildMCP tools for authorized developer activities such as managing iOS simulators, building project schemes, and inspecting application states. All described workflows are consistent with its stated purpose.\n- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data from the simulator environment.\n
  • Ingestion points: The agent reads application logs via mcp__XcodeBuildMCP__start_sim_log_cap and UI hierarchy descriptions via mcp__XcodeBuildMCP__describe_ui into its context.\n
  • Boundary markers: The instructions do not specify any delimiters or safety warnings to separate external data from agent instructions.\n
  • Capability inventory: The agent has capabilities to interact with the filesystem (build and run) and the UI (tap, type) based on information derived from the ingested data.\n
  • Sanitization: No sanitization or validation steps are defined for the logs or UI content before the agent acts upon them.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 04:44 PM
Security Audit — agent-trust-hub — ios-debugger-agent