asc-metadata-sync
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: A comprehensive analysis of the skill reveals no signs of malicious patterns, obfuscation, or unauthorized data access. The skill aligns with its stated purpose of assisting with App Store metadata synchronization.\n- [COMMAND_EXECUTION]: The skill includes shell command examples using the 'asc' tool. These commands are standard for administrative tasks such as listing version localizations, uploading app info, and updating version metadata. No suspicious or high-risk command patterns (like sudo or remote script piping) were found.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes external metadata and local .strings files. However, the capabilities are limited to metadata management. Ingestion points: remote App Store Connect metadata and local .strings files. Boundary markers: none. Capability inventory: shell execution of 'asc' commands. Sanitization: uses 'asc migrate validate' to enforce character limits and field requirements.
Audit Metadata