gpc-onboarding
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs users to install the '@gpc-cli/cli' package from npm and provides a Homebrew installation method via the author's verified tap ('yasserstudio/tap/gpc'). These are standard distribution channels for the tool.
- [COMMAND_EXECUTION]: The documentation includes steps to enable shell tab completion by appending the output of 'gpc completion' to the user's '~/.bash_completion' file. While this involves modifying shell configuration, it is a routine practice for enhancing CLI usability.
- [COMMAND_EXECUTION]: The procedure guides the agent and user through executing various CLI commands such as 'gpc quickstart', 'gpc auth login', and 'gpc doctor --fix' which manage configuration and authentication.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by retrieving user-generated content (reviews) via the 'gpc reviews list' command. This data enters the agent's context and could potentially contain malicious instructions, though the risk is mitigated by platform-level LLM safety guardrails.
- Ingestion points: User reviews retrieved from the Google Play Store via 'gpc reviews list' (SKILL.md).
- Boundary markers: Absent. No specific delimiters or instructions are provided to the agent to ignore embedded instructions in the retrieved data.
- Capability inventory: The skill has capabilities to execute shell commands and modify local configuration files via the GPC tool suite.
- Sanitization: No explicit sanitization or filtering of review content is mentioned in the skill definition.
Audit Metadata