gpc-ci-integration
Fail
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends a standalone installation method that pipes a remote script directly to the shell:
curl -fsSL https://raw.githubusercontent.com/yasserstudio/gpc/main/scripts/install.sh | bash. This executes remote code without integrity verification or checksums, posing a high risk if the author's repository is compromised. - [EXTERNAL_DOWNLOADS]: The skill fetches an installation script from an external GitHub repository (
yasserstudio/gpc) during CI setup. Relying on unversioned remote scripts for core functionality in a production pipeline is a supply chain risk. - [COMMAND_EXECUTION]: The detection script
scripts/detect_gpc.mjsusesexecSyncto executegpcandnpxcommands on the host system to determine the environment status. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection (Category 8) by interpolating user-provided application names and release tracks into shell commands within generated YAML workflows.
- Ingestion points: User-provided app package name and track identifiers in
SKILL.md. - Boundary markers: Absent; user data is directly inserted into YAML
runblocks. - Capability inventory: The skill generates YAML files that execute privileged shell commands (e.g.,
gpc releases upload). - Sanitization: Absent; no validation or escaping is performed on the user-provided strings.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/yasserstudio/gpc/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata