ios-memgraph-leaks
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands including
leaks,xcrun, andsimctlto interact with iOS simulators and analyze memory. These operations are essential to its documented purpose and are implemented using safe practices, such as proper variable quoting in shell scripts and using the list-basedsubprocess.runin Python, which avoids shell invocation and mitigates command injection risks. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from memory graphs and renders it into Markdown summaries in
scripts/summarize_memgraph_leaks.py. - Ingestion points: External data enters the agent context through the output of the
leakscommand and the content of memgraph files. - Boundary markers: The script uses
~~~textmarkdown code blocks to isolate external data excerpts from instructions in the generated report. - Capability inventory: The skill enables subprocess execution of profiling tools and file system writes for reports.
- Sanitization: While technical strings are not explicitly sanitized, the use of triple-tilde code blocks serves as an effective boundary marker to prevent the agent from misinterpreting profiling data as instructions.
Audit Metadata