asc-release-workflow

Warn

Audited by Socket on Apr 1, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

SUSPICIOUS: the workflow is purpose-aligned for App Store releases, but it routes sensitive release operations through a non-Apple third-party CLI and can execute config-driven pre-archive commands. The capability set is coherent, yet the combination of third-party tool trust, credential use, and autonomous publishing actions makes this a medium-to-high security risk rather than benign.

Confidence: 88%
Severity: 69%

Audit Metadata

Analyzed At: Apr 1, 2026, 02:29 PM
Package URL: pkg:socket/skills-sh/tddworks%2Fasc-cli-skills%2Fasc-release-workflow%2F@122fc9393027d48fea0f08a0fa0999df861191e7