Skills
skills/rudrankriyam/asc-skills/asc-localize-metadata/Gen Agent Trust Hub

asc-localize-metadata

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses a prompt template for LLM translation that directly interpolates external app metadata like descriptions and release notes. If an attacker controls the source metadata, they could embed instructions to override the translation task or leak information.
  • Ingestion points: Interpolates variables {description}, {keywords}, {whatsNew}, {promotionalText}, {name}, and {subtitle} into the LLM prompt in SKILL.md.
  • Boundary markers: Uses triple quotes """ for description and whatsNew fields, but lacks explicit instructions to ignore embedded commands within those fields.
  • Capability inventory: Utilizes the asc CLI to upload processed metadata to App Store Connect, which is a high-privilege action affecting live app store listings.
  • Sanitization: No sanitization or filtering of the source metadata is specified before it is sent to the LLM.
  • [COMMAND_EXECUTION]: The skill executes multiple commands using the asc CLI tool to fetch and update app information. While necessary for the skill's functionality, these commands depend on the presence of local credentials or environment variables (ASC_*) and perform modifications to external services.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 01:56 PM