bigquery
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill instructs the agent to use the
bqandgcloudCLI tools. These are standard tools for interacting with Google BigQuery. The commands are used for their intended purpose—querying data and managing project configurations. All execution templates include best practices like--dry_runfor cost estimation. - EXTERNAL_DOWNLOADS (SAFE): The documentation recommends an optional external plugin (
mozdata-claude-plugin) from a third-party GitHub repository. This is a reference for discovery tools rather than an automated script execution or installation of untrusted binaries. - DATA_EXFILTRATION (SAFE): While the skill accesses sensitive telemetry data, it operates within the user's authenticated Google Cloud environment. No patterns were found indicating the unauthorized transmission of data to external or non-whitelisted domains.
- INDIRECT_PROMPT_INJECTION (LOW): As a data-querying skill, it ingests output from BigQuery. While there is a theoretical surface for malicious data in telemetry to influence the agent, the skill is restricted to read-only SQL operations on specific Mozilla datasets, and it does not possess high-privilege write or execution capabilities over the results.
Audit Metadata