gcloud
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): Provides standard gcloud and gsutil commands for GCP management including instance, storage, and IAM control.
- [CREDENTIALS_UNSAFE] (SAFE): Contains service account authentication commands using key.json; no hardcoded credentials found.
- [DATA_EXFILTRATION] (SAFE): Includes logging and data transfer commands. Indirect prompt injection surface exists: 1. Ingestion: logging/storage. 2. Boundaries: Absent. 3. Capabilities: Compute, IAM, GKE, and serverless management. 4. Sanitization: Absent. This surface is inherent to the functional purpose of cloud management.
Audit Metadata