marketing-aso
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's behavior aligns with its documented purpose of performing ASO audits. It does not access sensitive credentials or private system files.
- [EXTERNAL_DOWNLOADS]: The skill fetches data from public app store listings on official Apple and Google domains via WebFetch as described in SKILL.md. This is necessary for the audit and does not involve downloading executable code.
- [PROMPT_INJECTION]: The skill processes external text from app store listings. Evidence chain: 1. Ingestion points: WebFetch calls to Apple and Google stores in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Data extraction and report generation only; no shell execution, evaluation, or file-writing capabilities exist in the skill's instructions. 4. Sanitization: Absent. The risk is assessed as safe given the restricted capability set.
Audit Metadata