Skills
skills/tddworks/asc-cli-skills/asc-appstore-release/Gen Agent Trust Hub

asc-appstore-release

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the asc CLI binary directly from the author's GitHub repository (github.com/tddworks/asc-cli) or via a Homebrew tap (tddworks/tap).
  • [COMMAND_EXECUTION]: The provided setup script (setup-mas-certs.sh) executes local system commands including openssl for key generation, security for keychain manipulation, and the asc CLI for certificate management.
  • [CREDENTIALS_UNSAFE]: The skill involves handling highly sensitive credentials, including App Store Connect API keys and signing certificates. The certificate setup script prints the Base64-encoded P12 file and its password directly to the terminal output to facilitate manual configuration of GitHub Secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 02:30 PM