Skills
skills/vabole/apple-skills/ios-ui-craft/Gen Agent Trust Hub

ios-ui-craft

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute local shell commands (xcrun simctl and sips) to capture and process screenshots from the iOS simulator as part of the visual iteration workflow.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the ingestion of untrusted data.
  • Ingestion points: User-provided iOS design requirements and interface descriptions (SKILL.md).
  • Boundary markers: Absent.
  • Capability inventory: Local shell command execution for screenshot management and generation of executable SwiftUI code (SKILL.md).
  • Sanitization: None identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 12, 2026, 04:29 PM