mobile-submission
Warn
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install and upgrade third-party CLI tools
asc(from rorkai) andgplay(from tamtom/tap) using Homebrew. These are external dependencies from unverified sources.- [EXTERNAL_DOWNLOADS]: The skill recommends registering companion skill packs (rorkai/app-store-connect-cli-skillsandtamtom/gplay-cli-skills) which dynamically extend the agent's functionality with external code.- [COMMAND_EXECUTION]: The instructions involve executing a wide range of shell commands for app building, uploading, and status tracking, which grants the agent significant control over the local environment and store accounts.- [PROMPT_INJECTION]: The skill processes untrusted external data, including App Store/Google Play rejection notices and web search results for policy citations. This creates a surface for indirect prompt injection attacks where malicious instructions hidden in these sources could influence the agent's behavior. - Ingestion points:
references/apple.mdandreferences/google.md(rejection notices, store status),SKILL.md(git diffs, web search results). - Boundary markers: None identified.
- Capability inventory: Command execution via
asc,gplay,brew, and Git; file system access for builds and keys; network access for store APIs. - Sanitization: None identified.- [CREDENTIALS_UNSAFE]: The skill handles sensitive authentication materials, including App Store Connect API keys and Google Play service account JSON files. While it advises using environment variables and secret managers, the instructions require the agent to manage credentials with full administrative access to production app stores.
Audit Metadata