Skills
skills/krzemienski/validationforge/ios-validation-runner/Gen Agent Trust Hub

ios-validation-runner

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using xcrun simctl and idb to manage iOS simulators and capture testing artifacts. These are standard Apple and Facebook developer utilities used for their intended purpose.
  • [EXTERNAL_DOWNLOADS]: Provides instructions to install the idb-companion utility from Facebook's official Homebrew tap. Facebook is a well-known technology organization, and the reference is for legitimate tooling setup.
  • [DATA_EXFILTRATION]: Accesses crash logs from ~/Library/Logs/DiagnosticReports and application log streams. This data is stored locally in the e2e-evidence/ directory for validation purposes and is not transmitted to external servers.
  • [PROMPT_INJECTION]: Ingests and analyzes application logs and crash reports during the 'VERIFY' phase. While processing untrusted data from logs is an indirect prompt injection surface, it is necessary for the skill's primary function of test validation and carries low risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 03:10 PM
Security Audit — agent-trust-hub — ios-validation-runner