writing-ios-unit-tests
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local shell scripts such as
./scripts/test.shand./scripts/check-coverage.sh, as well as system tools likexcodebuildandxcrun simctl. While these are standard for iOS development, they represent a broad command execution surface that depends on the integrity of the project's local environment.\n- [PROMPT_INJECTION]: The skill defines its operational scope using a$ARGUMENTSplaceholder which is intended to be filled with user-provided input. This creates an indirect prompt injection surface.\n - Ingestion points: The
Scopesection inSKILL.mddirectly interpolates user input via the$ARGUMENTSvariable.\n - Boundary markers: Absent. The skill does not provide delimiters or instructions to treat the user-supplied content as untrusted or separate from the agent's primary instructions.\n
- Capability inventory: The agent is authorized to execute shell scripts and perform project-wide code analysis based on the defined scope.\n
- Sanitization: Absent. There is no instruction for the agent to validate, escape, or sanitize the user-provided arguments before they are used to determine the task scope or potentially passed to shell commands.
Audit Metadata