asc-crash-triage
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the asc command-line tool to fetch data from App Store Connect, including crash reports and performance diagnostics.
- [PROMPT_INJECTION]: The skill processes external data from beta feedback and crash reports, creating a surface for indirect prompt injection. * Ingestion points: Data enters the context via the asc feedback and asc crashes commands. * Boundary markers: No delimiters are specified to isolate external data. * Capability inventory: The agent can execute asc commands and write to local files like metrics.json. * Sanitization: No content filtering or validation is mentioned.
Audit Metadata