ios-simulator-browser

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill executes npx --yes serve-sim@latest in SKILL.md to download and run the simulator mirroring tool from the NPM registry. This is a vendor-owned resource necessary for the skill's primary functionality.\n- [COMMAND_EXECUTION]: The script scripts/swiftui-preview-browser.mjs executes system binaries including xcodebuild, xcrun, and swift to manage iOS simulators and compile the preview host application. These commands are executed using execFile and spawn which helps prevent shell injection.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes user-provided Package.swift files (via swift package dump-package) and Swift source code (monitored by fs.watch) to generate and build a host application. No explicit boundary markers or delimiters are used for this ingested content. Capabilities across scripts/swiftui-preview-browser.mjs include file-system writes (writeFile), directory removal (rm), and subprocess execution (execFile). Sanitization is provided by the use of execFile instead of exec, which prevents command interpolation into a shell context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:11 AM
Security Audit — agent-trust-hub — ios-simulator-browser