gpd-ppp-pricing
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill's primary function is to execute shell commands using the gpd utility to modify monetization settings. This is the intended behavior.\n- CREDENTIALS_UNSAFE (SAFE): References the GPD_SERVICE_ACCOUNT_KEY environment variable for authentication but does not include any hardcoded secrets.\n- INDIRECT_PROMPT_INJECTION (LOW): The skill processes data from external JSON files which could theoretically be used to influence tool behavior.\n
- Ingestion points: Local files like migrate.json and offer.json.\n
- Boundary markers: None present.\n
- Capability inventory: Subprocess execution of the gpd CLI.\n
- Sanitization: None identified.
Audit Metadata