gemini-auth
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (LOW): The skill uses 'curl https://sdk.cloud.google.com | bash' to install the Google Cloud SDK. While this is a critical execution pattern, the source is a trusted domain (google.com), justifying a downgrade to LOW per the analysis framework.
- [COMMAND_EXECUTION] (MEDIUM): The instructions include 'sudo apt-get install pass' for dependency management. Privilege escalation is generally a HIGH severity finding, but it is downgraded to MEDIUM here as it is necessary for the skill's primary purpose.
- [COMMAND_EXECUTION] (MEDIUM): Multiple examples promote the use of the '--yolo' flag for automated execution of AI-generated prompts. This bypasses human review for terminal commands, which is a significant risk factor if the model interprets untrusted input.
- [EXTERNAL_DOWNLOADS] (LOW): Software and API validation requests are directed to 'sdk.cloud.google.com' and 'generativelanguage.googleapis.com', which are trusted sources.
- [PROMPT_INJECTION] (LOW): The skill describes CI/CD and Docker workflows where the AI analyzes untrusted repository content. This defines an Indirect Prompt Injection surface (Category 8), though no specific exploits are present in the provided documentation.
Recommendations
- HIGH: Downloads and executes remote code from: https://sdk.cloud.google.com - DO NOT USE without thorough review
Audit Metadata