asc-apple-ads

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is centered around executing the asc CLI tool to interact with Apple Ads services. It provides detailed workflows for authentication, resource discovery (campaigns, ad groups, apps), and mutations (creation, updates, and deletions). All destructive actions, such as asc ads campaigns delete, are documented to require the --confirm flag, and the instructions explicitly advise against mutating live accounts without user approval.
  • [DATA_EXPOSURE]: The skill references a sensitive file path at $HOME/.asc/apple-ads-private-key.pem for authentication purposes. This is standard configuration for the asc tool when managing Apple Search Ads and is documented as a parameter for the asc ads auth login command.
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its reliance on external JSON files for command payloads.
  • Ingestion points: Multiple commands (e.g., in SKILL.md) use the --file flag to ingest JSON data for creating or updating campaigns and ad groups.
  • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within these JSON files.
  • Capability inventory: The skill can execute subprocesses (asc), read local files, and perform network operations via the API.
  • Sanitization: No sanitization or validation of the ingested JSON content is mentioned.
  • Note: This is an inherent risk of tools that process external configuration files and does not indicate malicious intent in the skill itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 12:38 AM
Security Audit — agent-trust-hub — asc-apple-ads