asc-release-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple asc CLI commands to perform sensitive operations such as creating provisioning profiles, uploading build archives, and submitting versions to App Store Connect.
  • [COMMAND_EXECUTION]: The skill dynamically executes arbitrary commands listed in the pre_archive section of the .asc/release.yml file (e.g., tuist generate).
  • [COMMAND_EXECUTION]: The skill reads and modifies project source files (e.g., Shared.swift, ProjectDescriptionHelpers) to automate the bumping of version and build numbers.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from a local configuration file and project source files.
    • Ingestion points: .asc/release.yml and project-specific version files.
    • Boundary markers: None identified in the workflow instructions.
    • Capability inventory: asc CLI subprocess calls, execution of arbitrary commands from pre_archive hooks, and file-write capabilities.
    • Sanitization: No explicit sanitization is applied to input data from the configuration file or source files before it is interpolated into CLI commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 06:21 AM