asc-wall-submit
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to run the `make generate app` command within the `App-Store-Connect-CLI` repository. It interpolates four user-provided variables (`APP`, `LINK`, `CREATOR`, and `PLATFORM`) directly into a shell command. This pattern is inherently risky as it allows the execution of system commands.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (specifically command injection) because it takes untrusted user input and places it in a high-privilege context (a shell command) without sanitization.
  - Ingestion points: User-provided inputs for `app`, `link`, `creator`, and `platform` defined in `SKILL.md`.
  - Boundary markers: There are no boundary markers or instructions to escape the user-provided strings to prevent them from breaking out of the command's quoted sections.
  - Capability inventory: The agent is explicitly instructed to execute subprocesses via the `make` command as described in the 'Submission workflow' section.
  - Sanitization: The instructions do not include any steps to validate the inputs or strip shell metacharacters (e.g., `;`, `&`, `|`, `$(...)`) before executing the command.
Audit Metadata