google-gemini-file-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references the '@google/genai' package for interacting with Google APIs. While this appears to be a typographical error for the official '@google/generative-ai' package, both are within the trusted '@google' organizational scope on npm, mitigating typosquatting risks.
- [CREDENTIALS_UNSAFE] (SAFE): The script 'scripts/create-store.ts' correctly handles the Google API key by retrieving it from an environment variable (GOOGLE_API_KEY) rather than hardcoding it in the source code.
- [PROMPT_INJECTION] (SAFE): The skill is designed for Retrieval-Augmented Generation (RAG), which inherently involves processing untrusted external data. While this presents a surface for Indirect Prompt Injection, the risk is inherent to the skill's primary purpose.
  - Ingestion points: Users are instructed to upload documents via planned scripts (e.g., upload-batch.ts).
  - Boundary markers: Not explicitly defined in the current architectural documentation.
  - Capability inventory: The skill uses the Google Gemini SDK to create and query search stores.
  - Sanitization: No specific sanitization logic is implemented for document content, which is typical for RAG framework templates.