asc-ppp-pricing

Warn

Audited by Snyk on Jun 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to create and update monetary pricing for App Store Connect products. It exposes concrete commands that modify prices and price schedules (e.g., "asc subscriptions pricing prices set", "asc subscriptions pricing prices import" (apply mode), "asc iap pricing schedules create", "asc iap setup" with --price/--base-territory, and pricing availability edits). These are non-generic, purpose-built operations that change monetary settings (prices/schedules/territories) and can be applied (not only viewed or dry-run), so it grants direct financial execution capability.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 14, 2026, 08:53 AM
Issues
1
Security Audit — snyk — asc-ppp-pricing