asc-performance
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUM (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill references a sensitive private key file path (~/.asc/AuthKey.p8) in its authentication instructions. While standard for accessing App Store Connect APIs, this involves handling paths to highly sensitive credentials.
- [COMMAND_EXECUTION]: The skill instructions and typical workflows involve the execution of various shell commands using the asc CLI and jq to list and filter performance metrics and diagnostic logs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it consumes data from external API responses and uses that data (e.g., IDs in the 'affordances' field) to dynamically generate subsequent shell commands.
  - Ingestion points: JSON responses from asc perf-metrics, asc diagnostics, and asc diagnostic-logs as described in SKILL.md and commands.md.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to sanitize or ignore malicious content embedded within the API data.
  - Capability inventory: Execution of subprocess commands via the asc CLI and data manipulation with jq.
  - Sanitization: No input validation, escaping, or filtering of the IDs returned by the API is performed before they are interpolated into shell commands.
Audit Metadata