The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill recommends an installation method using curl -fsSL https://asccli.sh/install | bash. This pattern executes code from an external server directly in the system shell without prior user verification, presenting a significant code execution risk.\n- [COMMAND_EXECUTION]: The skill relies on executing numerous shell commands via the asc CLI tool to perform actions like uploading builds and managing app metadata. These commands are executed as subprocesses and include the handling of sensitive file paths.\n- [EXTERNAL_DOWNLOADS]: The skill triggers a download of an installation script from the external domain https://asccli.sh/install.\n- [CREDENTIALS_UNSAFE]: The instructions direct the agent to handle highly sensitive Apple App Store Connect API credentials, specifically .p8 private key files, Issuer IDs, and Key IDs. The skill explicitly details commands that access these sensitive file paths for authentication purposes.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external data.\n
Ingestion points: Untrusted data enters the agent context via asc testflight feedback list and asc testflight crashes list commands in SKILL.md.\n
Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious content embedded in the feedback or crash logs.\n
Capability inventory: The agent possesses the capability to execute shell commands that can modify App Store configurations, release versions, and metadata.\n
Sanitization: There is no evidence of sanitization or validation of the ingested external content before it is processed by the agent.

app-store-connect-cli