asc-localize-metadata
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external App Store metadata into translation prompts.
  - Ingestion points: Metadata such as app descriptions and release notes are retrieved from App Store Connect via CLI commands.
  - Boundary markers: The skill uses triple-quote delimiters (""") to separate ingested content within the LLM translation prompt.
  - Capability inventory: The agent can execute asc CLI commands to modify app store configurations and perform file system operations.
  - Sanitization: No explicit sanitization or filtering is applied to the ingested metadata before it is processed by the LLM.
- [COMMAND_EXECUTION]: The skill utilizes the asc CLI for its primary functionality, involving shell command execution for tasks such as listing app versions and uploading localization files. This behavior is consistent with the skill's intended administrative purpose.