ios-marketing-capture
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates and executes shell scripts that interact with system-level developer tools including
xcodebuild,flutter, andxcrun simctlto build the app and capture screen output. - [EXTERNAL_DOWNLOADS]: The skill documentation provides instructions for installing the AppLaunchFlow MCP via
npxfrom the NPM registry to enable optional layout generation features. - [REMOTE_CODE_EXECUTION]: The tool facilitates the execution of a remote MCP server using
npx -y @applaunchflow/mcp@latestas part of the asset preparation pipeline. - [DATA_EXFILTRATION]: The skill is designed to upload curated application screenshots to the vendor's service (
applaunchflow.com) via a specialized MCP tool to create professional App Store layouts. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its automated discovery mechanism.
- Ingestion points: The agent is directed to read and analyze local project files including
pubspec.yaml,project.pbxproj, and localization string files (.xcstrings,.arb). - Boundary markers: No explicit delimiters or instructions to treat project content as untrusted data are present in the scripts.
- Capability inventory: The agent possesses the ability to execute shell commands, write files, and perform network requests via the integrated MCP.
- Sanitization: No sanitization or filtering is applied to the data ingested from the user's codebase.
Audit Metadata