build-run-debug

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates the project lifecycle by generating a local bash script (script/build_and_run.sh) from templates and subsequently executing it. This script handles building with swift build or xcodebuild, process management with pkill and pgrep, and launching applications via /usr/bin/open.
  • [COMMAND_EXECUTION]: The skill uses chmod +x to grant execution permissions to both the generated build scripts and the resulting application binaries.
  • [COMMAND_EXECUTION]: Vulnerability to indirect prompt injection exists because the skill extracts metadata (such as application names and bundle identifiers) from project files like Package.swift and .xcodeproj to populate the shell script templates. If these files contain malicious payloads, it could lead to command injection when the script is generated and run.
  • Ingestion points: Package.swift, .xcworkspace, and .xcodeproj metadata found in SKILL.md.
  • Boundary markers: None present in the prompt templates to delimit untrusted project data.
  • Capability inventory: Local file writing, permission modification (chmod), shell execution, and process termination (pkill).
  • Sanitization: No evidence of validation or escaping for project-extracted strings before interpolation into the bash script.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:11 AM
Security Audit — agent-trust-hub — build-run-debug