foundation-models-os27-updater

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands for project auditing and verification. This includes git status, find, and ripgrep (rg) for discovery, and xcrun, swift build, swift test, and xcodebuild for SDK inspection and compilation checks.
  • [EXTERNAL_DOWNLOADS]: The use of swift build and xcodebuild implies the potential download of external dependencies defined in the user's Package.swift or Xcode project. These operations are conducted through standard package managers as part of the intended development workflow.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill references a specific local path (/Users/rudrank/Downloads/Xcode-beta.app/Contents/Developer) as an example for the DEVELOPER_DIR environment variable. This is an author-specific reference and does not involve unauthorized access to sensitive user data or external network exfiltration.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it processes untrusted data from the local project files.
  • Ingestion points: Project source code and configuration files read by rg and find in SKILL.md.
  • Boundary markers: None specified for the output of the search commands.
  • Capability inventory: Shell command execution via swift build, swift test, and xcodebuild in SKILL.md.
  • Sanitization: No explicit sanitization or validation of the content read from files is mentioned before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 03:59 AM
Security Audit — agent-trust-hub — foundation-models-os27-updater