App Store Connect Expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill manages App Store Connect API keys and performs network requests to Apple's API endpoints. This behavior is necessary for the intended functionality. No hardcoded secrets or unauthorized exfiltration attempts were observed.
- [Indirect Prompt Injection] (LOW): The skill reads external metadata files from the filesystem. Ingestion points: fastlane/metadata/ text files. Boundary markers: Absent. Capability inventory: Bash, Edit, WebFetch. Sanitization: Absent. The risk is minimized by the context of automated deployment.
- [Unverifiable Dependencies] (SAFE): The skill references standard packages (appstoreconnect, PyJWT) and CLI tools installed via reputable package managers.
Audit Metadata