Skills
skills/b-open-io/gemskills/ask-gemini/Gen Agent Trust Hub

ask-gemini

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches current API documentation and model capabilities from Google's official ai.google.dev domain.
  • [COMMAND_EXECUTION]: The skill executes Bun-based TypeScript scripts to interact with the AI SDK. These scripts use dynamic imports to resolve and load internal utility modules from the plugin's installation directory.
  • [DATA_EXFILTRATION]: The skill reads local image files (up to 10) and transmits them to the Google Gemini API for processing. This behavior is the intended core functionality of the skill and is limited to files explicitly provided as arguments.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it interpolates user-provided text and image content into the AI request without using boundary markers, delimiters, or specific instructions to ignore embedded commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 04:48 PM