gemini-cli

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes numerous links to documentation and installation resources hosted on google-gemini.github.io, the official site for the Gemini CLI tool.
  • [COMMAND_EXECUTION]: Describes the run_shell_command tool, which allows the agent to execute shell commands and scripts in the local environment to facilitate development workflows.
  • [DATA_EXFILTRATION]: References the web_fetch tool, which enables the agent to access and retrieve data from web pages for analysis and summarization.
  • [PROMPT_INJECTION]: The skill documents a toolset that processes untrusted external data (via web fetching and file reading) while maintaining high-privilege capabilities (shell access and file system modification), creating a surface for indirect prompt injection.
      • Ingestion points: references/documentation_index.md (mentions of web_fetch and multi-file tools)
      • Boundary markers: None identified in the skill's instructions to separate untrusted content from agent instructions.
      • Capability inventory: run_shell_command, web_fetch, and file system tools (reading, writing, and searching).
      • Sanitization: The instruction set does not detail specific sanitization or escaping procedures for external data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 28, 2026, 01:07 PM