asc-new-app-release
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies extensively on shell commands through the 'asc' CLI to manage App Store Connect resources, including bundle ID registration, app creation, and build uploads.- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) as it interpolates external, potentially untrusted data from project files or user input into shell commands without sanitization.
- Ingestion points: Untrusted data such as app names, descriptions, and SKUs are gathered from the project environment and user input in SKILL.md.
- Boundary markers: The instructions lack delimiters or specific directives to ignore embedded instructions within the variables being interpolated.
- Capability inventory: The skill uses subprocess execution of the 'asc' CLI, which has the power to modify account-level settings and publish software to the App Store.
- Sanitization: There are no explicit steps provided to escape or validate input strings before they are used in shell command arguments.
Audit Metadata