google-adk-python
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill contains many references to files on 'github.com/google/adk-docs'. As 'google' is an explicitly trusted organization, these downloads are considered safe.
- [COMMAND_EXECUTION] (LOW): Instructions in 'SKILL.md' suggest using 'run_shell_command' with 'curl' to retrieve content from documentation URLs. This is a low-severity finding because the tool is used for read-only retrieval from trusted sources for educational purposes.
- [PROMPT_INJECTION] (LOW): Category 8 (Indirect Prompt Injection): The skill is susceptible to indirect prompt injection because it processes content from external documentation sources. 1. Ingestion points: External URLs listed in the 'references/' directory. 2. Boundary markers: Absent; the instructions do not include delimiters or warnings to ignore embedded instructions. 3. Capability inventory: 'web_fetch', 'run_shell_command' (curl). 4. Sanitization: Absent; content is fetched and intended to be displayed directly to the user.
Audit Metadata