asc-aso-audit
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the skill instructions and reference files found no evidence of malicious behavior, obfuscation, or unauthorized access. All identified operations are aligned with the stated purpose of performing App Store Optimization audits.
- [EXTERNAL_DOWNLOADS]: The skill references the
asccommand-line tool and the Astro MCP extension as functional dependencies for metadata retrieval and search ranking analysis. - [DATA_EXFILTRATION]: App Store identifiers and keyword strings are shared with the Astro MCP service to facilitate keyword popularity and competitor analysis, which is consistent with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill processes untrusted data from local metadata files (e.g.,
metadata/app-info/). While no explicit boundary markers or sanitization steps are defined for this input, the skill's logic is restricted to tokenization and calling specific Astro MCP tools, and it does not interpret the metadata content as agent instructions.
Audit Metadata