vertex-ai-api-dev
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [Instructional Knowledge Override]: The skill uses directive language to instruct the agent to favor the provided model information over its internal training data.
  - Evidence: SKILL.md contains the directive 'Your knowledge is outdated' alongside a list of preview model versions.
- [Indirect Prompt Injection Surface]: This skill enables features that ingest data from external sources, which could contain untrusted instructions.
  - Ingestion points: 'google_search' and 'url_context' (references/structured_and_tools.md).
  - Boundary markers: Not explicitly shown in code samples.
  - Capability inventory: 'code_execution', function calling, and media generation.
  - Sanitization: Not explicitly shown in code samples.
- [External Dependency Management]: Reference samples include instructions for running third-party code via package managers like npx.
  - Evidence: references/advanced_features.md includes a code block demonstrating the execution of an MCP server using 'npx -y @philschmid/weather-mcp'.
- [Dynamic Code Execution Capabilities]: The guide shows how to provide the agent with a sandboxed environment for running Python code.
  - Evidence: references/structured_and_tools.md illustrates the use of the 'code_execution' tool.
Audit Metadata