gcloud-cli

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of Google Cloud CLI (gcloud) commands to manage cloud infrastructure. Evidence: SKILL.md and references/command-patterns.md provide numerous examples of commands for Compute Engine, Cloud Run, GKE, IAM, and other services. Mitigation: The skill implements a clear separation between 'Read-only' and 'Mutating' operations, mandating user confirmation and impact assessment for any command that alters the cloud state.
  • [PROMPT_INJECTION]: The skill processes data from external cloud resources (such as logs and resource descriptions), which presents a potential surface for indirect prompt injection.
      1. Ingestion points: Resource state reading via gcloud compute instances describe, gcloud logging read, and gcloud storage cat.
      2. Boundary markers: No specific delimiters are defined to isolate untrusted cloud data from instructions.
      3. Capability inventory: Extensive cloud management capabilities including IAM modification, file transfers, and resource deletion.
      4. Sanitization: No specific sanitization methods for cloud-sourced data are specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 09:53 PM