asc-testflight-orchestration
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the 'asc' command-line interface to interact with App Store Connect. These commands are descriptive and follow standard CLI patterns for managing beta testing workflows.
- [DATA_EXPOSURE] (SAFE): No hardcoded credentials or sensitive file paths are present. The skill uses descriptive placeholders like 'APP_ID' and 'BUILD_ID' for required parameters.
- [REMOTE_CODE_EXECUTION] (SAFE): There are no patterns involving the download or execution of remote scripts or unverified third-party binaries.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill includes commands that write to local files (e.g., testflight.yaml) and ingest data from external sources (App Store Connect). While this creates a theoretical surface for processing untrusted data, the skill does not contain logic to execute that data as instructions.
Audit Metadata