gpd-submission-health

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gpd utility to interact with the Google Play Developer API for tasks such as release validation, status monitoring, and asset management. These commands are standard for mobile application deployment workflows.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill handles application-specific metadata and store assets. No access to sensitive user credentials, private SSH/AWS keys, or unauthorized network destinations was identified.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes data from the Google Play API which could theoretically contain malicious instructions.
      1. Ingestion points: External data enters via gpd publish listing get and gpd publish details get commands in SKILL.md.
      2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present.
      3. Capability inventory: The skill possesses write capabilities including gpd publish release and gpd publish images upload in SKILL.md.
      4. Sanitization: No explicit validation or filtering of API-returned metadata is performed within the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 05:15 AM