gpc-vitals-monitoring

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes various gpc CLI subcommands to monitor Android app vitals, such as crash rates, ANR rates, and performance metrics (startup, rendering, battery, memory).
  • [COMMAND_EXECUTION]: The included scripts/detect_gpc.mjs utility uses node:child_process.execSync to verify the installation status, version, and authentication configuration of the GPC CLI tool.
  • [EXTERNAL_DOWNLOADS]: Documentation within references/ci-gating.md suggests installing the @gpc-cli/cli package globally via npm, which is a standard procedure for this developer tool.
  • [DATA_EXFILTRATION]: The gpc watch functionality allows for data exfiltration of app rollout status and vitals breach data to a user-specified --webhook-url. This is an intended feature for sending notifications to services like Slack or custom monitoring endpoints.
  • [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it ingests untrusted external data (user-provided Play Store reviews) via gpc reviews list and gpc reviews analyze. The skill possesses capabilities that could be influenced by such data, including gpc reviews reply for public messaging and gpc watch --on-breach halt for modifying deployment status. While review replies are length-validated to 350 characters, no specific instruction-filtering or boundary-marking for the review content is documented.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 03:57 AM