Skills
skills/rudrankriyam/asc-skills/gpd-ppp-pricing/Gen Agent Trust Hub

gpd-ppp-pricing

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes gpd CLI commands to perform monetization tasks on the Google Play Store, such as migrating base plan prices and updating one-time products.
  • [PROMPT_INJECTION]: The skill features an attack surface for indirect prompt injection as it ingests data from external JSON files (migrate.json, offer.json, offers.json, and states.json) to configure regional pricing and offers.
  • Ingestion points: Data enters the agent's context through several JSON files specified via the --file flag in the skill instructions.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious content within these JSON files.
  • Capability inventory: The skill's primary capability is the execution of shell commands (gpd) which perform network operations to interact with Google APIs.
  • Sanitization: The skill does not define validation or sanitization steps for the data processed from the JSON files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 05:15 AM