Skills
skills/everyinc/every-marketplace/test-xcode/Gen Agent Trust Hub

test-xcode

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the XcodeBuildMCP server from Sentry's GitHub repository or via npx. Sentry is a well-known technology organization, and the dependency is appropriate for the skill's development-focused functionality.
  • [COMMAND_EXECUTION]: The skill utilizes MCP tools to execute local build and test commands, such as build_ios_sim_app, launch_app_on_simulator, and boot_simulator. These operations are consistent with the skill's primary purpose of automating Xcode workflows.
  • [PROMPT_INJECTION]: The skill processes external data which presents a surface for indirect prompt injection.
  • Ingestion points: Untrusted data enters the agent context through simulator logs via get_sim_logs and project metadata via discover_projs.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands when processing log output.
  • Capability inventory: The skill has the ability to execute local build commands and simulator lifecycle operations via the XcodeBuildMCP server.
  • Sanitization: The skill does not implement explicit sanitization or validation of the simulator log content before it is reviewed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 06:39 AM