ios-memgraph-leaks

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local system commands including leaks, xcrun, and simctl to interact with iOS simulators and analyze memory. These operations are essential to its documented purpose and are implemented using safe practices, such as proper variable quoting in shell scripts and using the list-based subprocess.run in Python, which avoids shell invocation and mitigates command injection risks.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from memory graphs and renders it into Markdown summaries in scripts/summarize_memgraph_leaks.py.
  • Ingestion points: External data enters the agent context through the output of the leaks command and the content of memgraph files.
  • Boundary markers: The script uses ~~~text markdown code blocks to isolate external data excerpts from instructions in the generated report.
  • Capability inventory: The skill enables subprocess execution of profiling tools and file system writes for reports.
  • Sanitization: While technical strings are not explicitly sanitized, the use of triple-tilde code blocks serves as an effective boundary marker to prevent the agent from misinterpreting profiling data as instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:11 AM
Security Audit — agent-trust-hub — ios-memgraph-leaks