gemini-embeddings
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes well-known and trusted Python packages, specifically
google-genaiandnumpy, for its core mathematical and API-interaction functions. - [DATA_EXFILTRATION]: Network operations are directed exclusively to the official Google Gemini API to retrieve embedding vectors. This is the primary purpose of the skill. Sensitive credentials like API keys are retrieved from standard environment variables rather than being hardcoded.
- [COMMAND_EXECUTION]: The
scripts/embed.pyscript acts as a functional interface for the embedding API. It does not perform any arbitrary command execution, system-level modifications, or unauthorized file access.
Audit Metadata