Skills
skills/getsentry/xcodebuildmcp/xcodebuildmcp-docs-command-review/Gen Agent Trust Hub

xcodebuildmcp-docs-command-review

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted data from local project files, which creates a surface for indirect prompt injection if those files contain malicious instructions.
  • Ingestion points: The skill instructions direct the agent to read and analyze CHANGELOG.md, manifests/tools/*.yaml, manifests/workflows/*.yaml, and src/cli/**.
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or provide warnings to the agent to ignore instructions embedded within the target files.
  • Capability inventory: The skill is restricted to read-only capabilities using the Read, Grep, and Glob tools, which limits the potential impact of an injection attack.
  • Sanitization: Absent; the skill does not define any validation or sanitization procedures for the content retrieved from the analyzed files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 03:42 AM
Security Audit — agent-trust-hub — xcodebuildmcp-docs-command-review