asc-apple-ads

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines various workflows that involve executing the asc ads CLI tool to interact with Apple Ads services, which is the primary intended purpose of the skill.
  • [DATA_EXPOSURE]: The skill references sensitive file paths, specifically ~/.asc/apple-ads-private-key.pem, for the purpose of storing and accessing authentication keys required by the asc ads CLI for official API communication.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from external JSON files via the --file argument, creating a potential surface for indirect prompt injection if the files contain untrusted instructions.
  • Ingestion points: Data enters the agent context through local JSON files (e.g., reporting-request.json, campaign.json) passed to asc ads commands in SKILL.md.
  • Boundary markers: No specific boundary markers or delimiters are used to wrap the file content or warn the agent about embedded instructions.
  • Capability inventory: The skill possesses the capability to execute subprocess commands via the asc ads CLI.
  • Sanitization: The instructions do not include explicit sanitization or validation of the file content before it is processed by the CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:44 PM
Security Audit — agent-trust-hub — asc-apple-ads