asc-cli

The skill’s purpose and requested Apple credentials are broadly consistent with App Store Connect management, but the trust model is weak: it installs a third-party CLI from a Homebrew tap and then forwards Apple API credentials and private key material to it. Without verifiable provenance or source/release evidence, this is best classified as suspicious rather than benign.