appstore-screenshots
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates the execution of local scripts (
screenshot-gen.sh,auto-explore.py, andpromo-gen.py) to automate Xcode tasks and image rendering. This is a standard operational pattern for build-automation tools. - [INDIRECT_PROMPT_INJECTION]: The skill ingests data from local Xcode projects and workspace files. Although this represents an ingestion surface for untrusted content, the risk is negligible as the skill lacks network exfiltration capabilities or unsafe dynamic execution of external data.
- Ingestion points: Project and workspace files located at the user-provided path.
- Boundary markers: None specified in the instructions.
- Capability inventory: Local execution of shell and Python scripts within the workspace environment.
- Sanitization: No explicit sanitization or validation of the project structure is documented.
- [SAFE]: No obfuscation, hardcoded credentials, or unauthorized network operations were detected. The skill's behavior aligns with its stated purpose of automating developer workflows.
Audit Metadata