skills/jeremylongshore/claude-code-plugins-plus-skills/google-cloud-agent-sdk-master/Gen Agent Trust Hub
google-cloud-agent-sdk-master
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions in
references/SKILL.full.mdto install theagent-starter-packandgoogle-cloud-aiplatformpackages usingpipanduvx. These tools are associated with official Google Cloud repositories and well-known registries. - [INDIRECT_PROMPT_INJECTION]: The skill facilitates the creation of Retrieval-Augmented Generation (RAG) agents and uses tools like
WebSearchandWebFetch. This creates a surface where external, untrusted content from web searches or document stores could influence the agent's behavior. - Ingestion points: Untrusted data enters via
WebSearch,WebFetch, and RAG tools (VectorSearchTool,VertexAISearchTool) as described inSKILL.mdandreferences/SKILL.full.md. - Boundary markers: The instructions do not explicitly specify boundary markers for external content, though they recommend using specific models like Gemini.
- Capability inventory: The skill uses
Read,WebFetch,WebSearch, andGreptools. - Sanitization: No specific sanitization or filtering logic is provided for the content retrieved from external sources.
Audit Metadata