gpc-review-management

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE; COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the 'gpc' CLI tool to interact with Google Play Console services for listing and responding to app reviews.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted user review data, which could contain malicious instructions.
      • Ingestion points: Data is retrieved from the external service via 'gpc reviews list' and 'gpc reviews get' in SKILL.md.
      • Boundary markers: There are no delimiters or specific instructions provided to the agent to treat the fetched review content as non-executable data.
      • Capability inventory: The agent has the capability to write back to the store via the 'gpc reviews reply' command in SKILL.md.
      • Sanitization: No automated sanitization or filtering of the review text is documented, though the skill provides a behavioral constraint to show drafts to the user for approval before sending.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 12:39 PM