asc-release-flow
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses a consistent set of CLI commands ('asc') for App Store management, which aligns with its stated purpose of automating release flows.
- [SAFE]: Authentication is handled via standard environment variables (ASC_*) or interactive login, avoiding hardcoded secrets or unsafe credential handling.
- [SAFE]: No suspicious remote downloads, obfuscated code, or unauthorized network operations were detected. All network activities are performed by the 'asc' tool to interact with Apple's official APIs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from local metadata files and privacy configurations to populate CLI arguments. This risk is inherent to automation tools and is documented here for completeness.
- Ingestion points: Local metadata directories ('--metadata-dir') and privacy configuration files ('--file') are read and processed (SKILL.md).
- Boundary markers: No specific boundary markers or 'ignore' instructions are provided for the content of these files.
- Capability inventory: The skill executes various 'asc' subcommands that can modify application state and release settings (SKILL.md).
- Sanitization: Input from local files is not explicitly sanitized before being passed as arguments to the CLI tool.
Audit Metadata