High-risk tools in Xcode
25 of the 69 tools in Xcode are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
boot_simulatorExecuteBoot an iOS simulator by UDID or name
-
build_spm_packageExecuteBuilds a Swift Package Manager package directly using
-
build_swift_packageExecuteBuilds a Swift Package using Swift Package Manager.
-
change_directoryExecuteChanges the active directory for relative path operations.
-
clean_swift_packageExecuteCleans the build artifacts of a Swift Package.
-
compile_asset_catalogExecuteCompiles an asset catalog (.xcassets) using actool
-
export_archiveExecuteExport an Xcode archive for distribution (App Store, Ad Hoc, Enterprise, Development)
-
install_appExecuteInstall an app on a simulator
-
launch_appExecuteLaunch an installed app on a simulator
-
open_urlExecuteOpen a URL in a simulator
-
pod_installExecuteRuns
-
pod_repo_updateExecuteUpdates the local clone of the CocoaPods spec repositories.
-
pod_updateExecuteRuns
-
pop_directoryExecutePops a directory from the stack and changes to it.
-
push_directoryExecutePushes the current directory onto a stack and changes to a new directory.
-
run_lldbExecuteLaunches the LLDB debugger with optional arguments
-
run_xcrunExecuteExecutes a specified Xcode tool via xcrun
-
shutdown_simulatorExecuteShutdown a simulator by UDID, or shutdown all running simulators
-
swift_package_commandExecuteExecutes Swift Package Manager commands in the active project directory.
-
switch_xcodeExecuteSwitch the active Xcode version
-
terminate_appExecuteTerminate a running app on a simulator
-
test_spm_packageExecuteRuns tests for a Swift Package Manager package directly using
-
test_swift_packageExecuteTests a Swift Package using Swift Package Manager.
-
trace_appExecuteCaptures a performance trace of an application using xctrace
-
validate_appExecuteValidate an app for App Store submission using altool
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.