gcp-logs-monitoring
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
gcloudCLI commands via local shell scripts (read_logs.sh,read_metrics.sh,check_prereqs.sh) to perform environment checks, read Cloud Logging entries, and fetch Cloud Monitoring metrics. All user-provided arguments like filters and project IDs are passed as quoted shell variables, which prevents basic command injection. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources (Google Cloud logs and metrics).
- Ingestion points: Data enters the agent context through the output of
scripts/read_logs.shandscripts/read_metrics.sh. - Boundary markers: The skill lacks explicit boundary markers or instructions to the LLM to ignore potentially malicious commands embedded within the retrieved log data.
- Capability inventory: The agent has the capability to execute shell commands and file operations, which could be targeted if an injection is successful.
- Sanitization: No sanitization or filtering of the retrieved log/metric content is performed before it is processed by the agent.
Audit Metadata