gemini
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill provides documentation and implementation examples for the Google Gemini API but does not include local executable scripts or binaries in SKILL.md.\n- [SAFE]: Authentication is managed through environment variables rather than hardcoded secrets in SKILL.md, adhering to security best practices.\n- [SAFE]: The skill interacts solely with official and trusted Google domains for API functionality as described in SKILL.md.\n- [PROMPT_INJECTION]: The skill processes untrusted user input and multimodal data in SKILL.md, presenting a surface for indirect prompt injection. This is mitigated by the provider's built-in safety filters.\n
- Ingestion points: User-provided text, image URLs, and audio data in API requests.\n
- Boundary markers: None specified in the usage instructions.\n
- Capability inventory: Network access to Google's generative language API.\n
- Sanitization: No sanitization steps are documented in the skill's usage patterns.
Audit Metadata