MCP Observatory
github analyzed dbb99d2 unconfirmed MCP

Eronred/aso-skills

github

AI agent skills for App Store Optimization (ASO) and app marketing. Built for indie developers, app marketers, and growth teams who want Cursor, Claude Code, or any Agent Skills-compatible AI assistant to help with keyword research, metadata optimization, competitor analysis, and app growth.

maintainer
Eronred
license
MIT
first seen
2026-06-01
last seen
2026-06-04
releases · 30d
0
short id
risk24/100 · heuristic grade
B low
  • recent driftinferred+12
  • tool safetyinferred+12

inferred

The A–E grade is our heuristic synthesis — a "review this" prompt, not a verdict. Each factor is tagged by what backs it: attested (a verifiable record), reported (a third party's claim), or inferred (our own heuristic, e.g. permissions). See methodology.

graded 7m ago · see ecosystem CVEs →

risk trajectory1 movements
  • A · 0B · 24
vulnerabilities0 CVEs

no known CVEs for this server.

tool safety1 findings · grade factor +12
  1. highhidden prompt content

    1 file(s) with hidden prompt content: Eronred-aso-skills-dbb99d2/skills/competitor-tracking/SKILL.md (skill-exfil): "secret→sink: echo "=== $APP_ID ===""

skills & danger signalsgithub-tarball
prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit dbb99d2 · analyzer v17 · 1d ago

skills & prompt files 42

other grade factorsevidence elsewhere
embed badgereadme-ready
live risk-grade badge preview [![MCP Observatory risk grade](https://mcpobservatory.com/servers/github:Eronred/aso-skills/badge.svg)](https://mcpobservatory.com/servers/github:Eronred/aso-skills/security)

Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of Eronred.