Skills
skills/iamladi/cautious-computing-machine--sdlc-plugin/gemini/Gen Agent Trust Hub

gemini

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the gemini CLI for analysis tasks and utilizes system tools such as ps, lsof, kill, and pkill to manage potentially hung background processes.
  • [DATA_EXFILTRATION]: The skill transmits workspace context, including code and architectural plans, to the external Gemini API via the CLI for its intended analysis functionality.
  • [PROMPT_INJECTION]: The skill processes untrusted workspace data, creating a surface for potential indirect prompt injection.
  • Ingestion points: Code and plan analysis tasks ingest content from the user's local workspace.
  • Boundary markers: The skill does not use explicit delimiters or instructions to ignore embedded commands within the processed files.
  • Capability inventory: The skill utilizes the gemini CLI and standard system process management commands.
  • Sanitization: There is no evidence of explicit input sanitization or validation performed on the workspace data before analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 03:28 AM