Skills
skills/del-taiseiozaki/claude-code-orchestra/gemini-system/Gen Agent Trust Hub

gemini-system

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the gemini CLI tool to execute analysis and research tasks. The instructions include piping file contents and directory paths to this external command.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it automatically processes untrusted data from various sources.\n
  • Ingestion points: Content is ingested from external files (PDF, video, audio, images) and live Google Search results (GitHub, blogs, documentation).\n
  • Boundary markers: The prompt templates provided in SKILL.md and references/lib-research-task.md do not utilize delimiters or specific instructions to isolate untrusted content from the agent's core logic.\n
  • Capability inventory: The tool possesses significant capabilities, including the ability to read the entire project repository (--include-directories) and access the network for research.\n
  • Sanitization: There is no evidence of sanitization or validation of the data extracted from multimodal files or web sources before it is interpreted by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 04:57 AM