Skills
skills/yasserstudio/gpc-skills/gpc-troubleshooting/Gen Agent Trust Hub

gpc-troubleshooting

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, prompt injections, or data exfiltration attempts were detected across the skill files.
  • [COMMAND_EXECUTION]: The script scripts/detect_gpc.mjs uses execSync to probe the local environment for GPC installation and configuration. The executed commands (e.g., gpc --version, gpc auth status) are static and used solely for diagnostic purposes.
  • [DATA_EXPOSURE]: The skill provides instructions for managing GPC service account credentials. It adheres to security best practices by recommending the use of environment variables (GPC_SERVICE_ACCOUNT) for secret management rather than hardcoding credentials.
  • [EXTERNAL_DOWNLOADS]: The detection script uses npx gpc --version as a fallback. While npx can trigger package downloads from the official NPM registry if a package is missing, this is a standard behavior for Node.js-based CLI tools and does not constitute a security risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 03:57 AM