asc-init
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill provides legitimate instructions for project setup and context management within the local filesystem.
- [COMMAND_EXECUTION]: The skill describes the use of the
ascCLI tool and thejqutility for managing app identifiers and reading local configuration data. These operations are standard for the tool's intended purpose. - [DATA_EXPOSURE]: The skill reads project bundle identifiers from local Xcode project files (
project.pbxproj) to identify relevant apps in App Store Connect. Extracted metadata (app ID, name, bundle ID) is stored locally in.asc/project.json. No sensitive credentials or private keys are involved.
Audit Metadata