gemini-3-advanced
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill demonstrates tools for Google Search and URL context fetching. These ingest external data, creating an inherent surface for indirect prompt injection. 1. Ingestion points: google_search_retrieval and url_context tools in references/built-in-tools.md and scripts/use-tools.py. 2. Boundary markers: Absent in demonstration code. 3. Capability inventory: code_execution tool. 4. Sanitization: Relies on native model safety.
- Dynamic Execution (SAFE): The code_execution tool allows the model to generate and execute Python code in a sandboxed environment, which is a standard feature of the platform.
Audit Metadata