asc-signing-setup
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill instructions or workflows.
- [COMMAND_EXECUTION]: The skill documents the use of the asc command-line utility for managing app development assets. Evidence: Commands like asc bundle-ids, asc certificates, and asc profiles are listed for routine administrative tasks.
- [DATA_EXFILTRATION]: The skill provides a workflow for synchronizing signing assets with a remote git repository. Evidence: The asc signing sync command facilitates encrypted storage of certificates and profiles. It utilizes the MATCH_PASSWORD environment variable to avoid hardcoding secrets, following industry-standard patterns for shared signing credentials.
Audit Metadata