genkit-infra-expert
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or behaviors detected. The skill follows infrastructure-as-code best practices and provides clear documentation for secure deployment.
- [COMMAND_EXECUTION]: The skill facilitates infrastructure management by executing
terraformandgcloudcommands. These actions are appropriately scoped via theallowed-toolsmetadata to prevent arbitrary command execution. - [COMMAND_EXECUTION]: Includes a utility script,
scripts/init-terraform.sh, which generates standard boilerplate configuration for Terraform. This is an expected feature for an infrastructure-focused skill. - [DATA_EXFILTRATION]: The skill promotes secure handling of sensitive data by demonstrating how to use Google Cloud Secret Manager for API keys, effectively preventing the exposure of credentials in configuration files.
Audit Metadata