gpc-ci-integration
Fail
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends installing the GPC CLI via a piped shell script (
curl -fsSL https://raw.githubusercontent.com/yasserstudio/gpc/main/scripts/install.sh | bash) as shown in SKILL.md. This pattern executes remote code directly in the host shell without prior verification. - [COMMAND_EXECUTION]: The detection script
scripts/detect_gpc.mjsusesexecSyncto run CLI commands includinggpc --version,gpc auth status, andgpc config get. While used for environment discovery, it involves arbitrary command execution. - [EXTERNAL_DOWNLOADS]: The skill downloads the
@gpc-cli/clipackage from the NPM registry and fetches the installation script from GitHub. - [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by processing external data from the Google Play Store (vitals and reviews). Evidence: 1. Ingestion points: Data entering via
gpc vitalsandgpc reviewscommands (SKILL.md, github-actions.md); 2. Boundary markers: None present in instructions; 3. Capability inventory:execSyncindetect_gpc.mjsand file writing to$GITHUB_STEP_SUMMARY; 4. Sanitization: No sanitization or validation of the ingested external content is defined.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/yasserstudio/gpc/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata