gcp-cost-optimizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill accesses sensitive GCP billing information through
gcloudandbqcommands. This is the primary intended purpose of the skill and no unauthorized exfiltration patterns were detected. - [Command Execution] (SAFE): The instructions use standard cloud management CLI tools (
gcloud,bq). No evidence of privilege escalation, such assudo, or suspicious system modifications was found. - [Indirect Prompt Injection] (SAFE): The skill defines a surface for processing untrusted data (Ingestion points:
bq queryoutput in SKILL.md; Boundary markers: Absent; Capability inventory:gcloud recommendercalls in SKILL.md; Sanitization: Absent). However, this risk is mitigated by the fact that the skill is used for its primary intended purpose of cost analysis.
Audit Metadata