bigquery-view-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONNO_CODE
Full Analysis
- [Command Execution] (LOW): The skill frontmatter declares 'Bash(gcloud:*)' as an allowed tool. This grants the agent significant capability to execute cloud management commands, though this is aligned with the skill's stated purpose for GCP BigQuery tasks.
- [Indirect Prompt Injection] (LOW): The skill ingests user requests to generate code and configurations, creating a surface for potential injection. Evidence: 1. Ingestion points: User prompts requesting 'bigquery view generator' assistance. 2. Boundary markers: No delimiters or protective instructions are defined in the manifest. 3. Capability inventory: Bash (gcloud), Read, Write, and Edit tools. 4. Sanitization: No sanitization logic is present in this configuration file.
- [No Code] (SAFE): No scripts (.py, .js, .sh) or remote code dependencies were found; the file contains only YAML metadata and Markdown documentation.
Audit Metadata