cloud-tasks-queue-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill requests
Bash(gclou d:*)permissio n s, granting it the abilit y t o e x e c u t e a n y Googl e Clou d CLI c o m m a n d. T h i s i s o v e r l y b r o a d f o r t h e s t a t e d p u r p o s e a n d c o u l d b e a b u s e d t o a c c e s s o r d e l e t e s e n s i t i v e r e s o u r c e s. - [PROMPT_INJECTION] (HIGH): The skill is highl y v u l n e r a b l e t o Indirec t Prom p t Inj e c t i o n d u e t o i t s r e l i a n c e o n u n t r u s t e d u s e r i n p u t w i t h o u t b o u n d a r y m a r k e r s o r s a n i t i z a t i o n.
- Ingestio n p o i n t s: U s e r p r o m p t s f o r c l o u d t a s k s s e t u p.
- Boundar y m a r k e r s: A b s e n t.
- Cap a b i l i t y i n v e n t o r y: A r b i t r a r y g c l o u d c o m m a n d e x e c u t i o n v i a B a s h, f i l e W r i t e a n d E d i t a c c e s s.
- Sanitiz a t i o n: N o n e d e f i n e d, a l l o w i n g m a l i c i o u s c o m m a n d s t o b e i n j e c t e d d i r e c t l y i n t o t h e s h e l l e n v i r o n m e n t.
Recommendations
- AI detected serious security threats
Audit Metadata