gemini
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to assemble and run shell commands for the
geminiCLI. It includes specific guidance on using flags such as--sandboxfor read-only analysis and--approval-modefor edits. The risk of command injection is addressed by suggesting the use of pipes for large context and requiring explicit user permission before using dangerous flags like--yolo. - [EXTERNAL_DOWNLOADS]: The skill requires the
@google/gemini-clipackage. This dependency originates from a trusted organization (Google) and is documented as a prerequisite for the skill's functionality. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes untrusted workspace data. However, the instructions mitigate this risk by requiring the agent to use a sandbox by default, verify model identities, and treat external AI outputs as peers rather than authoritative sources.
Audit Metadata