swift-missing-translations

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a bundled Python script (scripts/audit.py) and standard Xcode development tools (xcodebuild, plutil, xcrun simctl) to audit and verify translations. These operations are restricted to the local environment and are consistent with the skill's stated purpose of iOS app localization.
  • [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface (Category 8). It ingests untrusted data from the user's repository, specifically Swift source files and .xcstrings JSON catalogs, and uses this data to drive translation and code modification logic. A malicious actor could embed instructions within comments or string literals in these files to attempt to influence the agent's behavior during the audit or translation phase.
  • Ingestion points: Files scanned by scripts/audit.py (any .swift and .xcstrings files within the project root).
  • Boundary markers: The skill does not explicitly define markers or 'ignore' instructions for the content it reads.
  • Capability inventory: The agent can perform file writes to the .xcstrings catalog and suggest code changes to Swift files.
  • Sanitization: There is no evidence of sanitization or escaping of the ingested file content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 10:41 AM