google-app-engine
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The content consists of instructional text and templates without any patterns suggesting attempts to override agent behavior or bypass safety filters.
- [Credentials/Data Exposure] (SAFE): No sensitive credentials or secrets are hardcoded. The skill uses descriptive placeholders and explicitly instructs users to use Google Cloud Secret Manager instead of environment variables for secrets.
- [External Downloads/RCE] (SAFE): All suggested dependencies are standard, well-known libraries from PyPI (e.g., gunicorn, google-cloud-secret-manager, google-cloud-storage). No remote script execution patterns (like
curl | bash) were detected. - [Privilege Escalation] (SAFE): IAM policy commands in the troubleshooting guide are standard for the Google App Engine environment and are intended for the user to execute to resolve legitimate permission errors.
- [Indirect Prompt Injection] (LOW): 1. Ingestion points: app.yaml handlers and static file configuration paths. 2. Boundary markers: Absent. 3. Capability inventory: Instruction-based gcloud CLI commands in documentation. 4. Sanitization: Not applicable to this documentation-centric skill.
Audit Metadata