apple-aso
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected.
  1. Ingestion points: The skill processes untrusted metadata from store.config.json and docs/aso-guidelines.md.
  2. Boundary markers: Absent; there are no explicit delimiters to isolate external metadata from the agent's instructions.
  3. Capability inventory: The skill utilizes the eas CLI tool to perform system-level command execution (eas metadata:push and eas metadata:pull).
  4. Sanitization: Absent; no validation or sanitization is performed on the metadata before it is processed or synchronized.
- [COMMAND_EXECUTION]: The skill instructs the agent to use the eas CLI for App Store metadata synchronization operations.
Audit Metadata