The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data through an interactive questionnaire (e.g., package name, app name, organization details) which is then interpolated into scripts and configuration files. * Ingestion points: User responses from the 'Interactive Questionnaire' section. * Boundary markers: None identified in the provided skill text to delimit user-provided strings within generated scripts. * Capability inventory: Subprocess execution of Gradle tasks, Python validation scripts, and Bash deployment scripts in Phase 8. * Sanitization: No explicit sanitization or validation logic is shown for the captured user input before it is used in command-line arguments or file writes.
[COMMAND_EXECUTION]: The skill performs dynamic execution by generating local shell scripts (e.g., 'increment-version.sh', 'validate-release.sh') and GitHub Action workflows, which are subsequently executed or validated using tools like bash and yamllint. This is a standard part of the orchestration process for setting up a deployment pipeline.
[DATA_EXFILTRATION]: The skill generates and interacts with sensitive files, specifically Android keystores and a 'KEYSTORE_INFO.txt' file containing passwords. While this poses a data exposure risk, the skill includes security measures such as updating .gitignore to exclude these files and providing explicit user warnings against committing them to source control.

android-playstore-pipeline