build-run-debug
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automates the project lifecycle by generating a local bash script (
script/build_and_run.sh) from templates and subsequently executing it. This script handles building withswift buildorxcodebuild, process management withpkillandpgrep, and launching applications via/usr/bin/open. - [COMMAND_EXECUTION]: The skill uses
chmod +xto grant execution permissions to both the generated build scripts and the resulting application binaries. - [COMMAND_EXECUTION]: Vulnerability to indirect prompt injection exists because the skill extracts metadata (such as application names and bundle identifiers) from project files like
Package.swiftand.xcodeprojto populate the shell script templates. If these files contain malicious payloads, it could lead to command injection when the script is generated and run. - Ingestion points:
Package.swift,.xcworkspace, and.xcodeprojmetadata found inSKILL.md. - Boundary markers: None present in the prompt templates to delimit untrusted project data.
- Capability inventory: Local file writing, permission modification (
chmod), shell execution, and process termination (pkill). - Sanitization: No evidence of validation or escaping for project-extracted strings before interpolation into the bash script.
Audit Metadata