Skills
skills/rorkai/app-store-connect-cli-skills/asc-notarization/Gen Agent Trust Hub

asc-notarization

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes system utilities including security, codesign, xcodebuild, ditto, productsign, and hdiutil to perform necessary app packaging and signing tasks.
  • [COMMAND_EXECUTION]: Employs the asc CLI tool, a resource from the skill's author, to interact with Apple's Notarization service.
  • [COMMAND_EXECUTION]: Includes instructions to modify system trust settings via security remove-trusted-cert to resolve common certificate chain issues, which is a standard administrative task for troubleshooting code signing.
  • [EXTERNAL_DOWNLOADS]: Retrieves notarization logs from Apple's servers via curl for debugging failed submissions.
  • [PROMPT_INJECTION]:
  • Ingestion points: Fetches remote logs from LOG_URL using curl in Step 5.
  • Boundary markers: Absent.
  • Capability inventory: Includes system commands for file manipulation (ditto, hdiutil), code signing (codesign), and certificate management (security).
  • Sanitization: Content is piped to python3 -m json.tool for formatting; the formatted output is intended for developer review and is not automatically executed.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 02:25 AM