asc-metadata-sync
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- SAFE (SAFE): The skill consists entirely of markdown documentation and example shell commands. No scripts or binaries are included with the skill.\n- Indirect Prompt Injection (SAFE): The skill defines a workflow for processing external metadata and local localization files. While this is an ingestion surface, it is standard for the tool's intended purpose and no malicious patterns are present.\n
- Ingestion points: Data retrieved from App Store Connect via
asc localizations downloadand content read from local.stringsfiles.\n - Boundary markers: Not explicitly defined in the provided command examples.\n
- Capability inventory: Execution of the
asccommand-line tool for metadata synchronization.\n - Sanitization: The skill references
asc migrate validateas a built-in mechanism for validating character limits and required fields before processing.
Audit Metadata