GCP-expert
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No attempts to override agent behavior or bypass safety filters were detected. The skill actually strengthens safety by requiring bold warnings for high-risk commands like
rmandkubectl delete. - [Data Exposure & Exfiltration] (SAFE): The skill does not contain hardcoded credentials, sensitive file paths, or network operations targeting external domains.
- [Obfuscation] (SAFE): All content is provided in plain Markdown and YAML frontmatter. No Base64, zero-width characters, or hidden Unicode tags were found.
- [Remote Code Execution] (SAFE): The skill does not download or execute remote scripts. It provides static configuration examples and command templates for the user to review.
- [Indirect Prompt Injection] (LOW): The skill is designed to process user technical queries. While it interpolates user needs into its workflow to generate solutions, it lacks autonomous execution capabilities (e.g., it doesn't call APIs or write to the filesystem itself), which limits the risk of harmful downstream effects.
Audit Metadata