gcp-error-logs
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Vulnerability to Indirect Prompt Injection through untrusted log data.
- Ingestion points: External data enters via
scripts/fetch-errors.sh, which retrieves logs from Google Cloud Logging. These logs can contain arbitrary, attacker-controlled strings in error messages, stack traces, or payloads. - Boundary markers: The instructions do not define boundary markers (e.g., XML tags or specific delimiters) to separate instructions from the data being analyzed.
- Capability inventory: The agent possesses command-line execution capabilities (
bash,python3,gcloud). - Sanitization: There is no evidence of input sanitization or filtering to remove potential instructions from the log data before it is presented to the agent for analysis.
- [COMMAND_EXECUTION] (LOW): The skill relies on executing local scripts (
scripts/fetch-errors.sh,scripts/analyze-errors.py) and thegcloudCLI. While legitimate for this tool's purpose, users should verify the contents of these scripts before use.
Recommendations
- AI detected serious security threats
Audit Metadata