gemini-cli-docs
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Python
subprocessmodule to orchestrate its internal components and manage the runtime environment. Scripts such asscripts/core/scrape_all_sources.pyandscripts/management/refresh_index.pyrun other skill-resident scripts as subprocesses. Additionally,scripts/setup/setup_dependencies.pyexecutes system package managers (winget,choco,apt,pacman) andpipto ensure required and optional libraries are installed.\n- [EXTERNAL_DOWNLOADS]: The skill fetches documentation data fromgeminicli.comusing thellms.txtformat. It also performs downloads from official package registries like PyPI and system-level repositories to install dependencies and NLP models. These network operations are strictly limited to trusted or well-known services and are essential for the skill's primary librarian purpose.\n- [DATA_EXFILTRATION]: No evidence of sensitive data exposure or exfiltration was found. The skill implements path traversal protection inscripts/utils/script_utils.pyby validating that all base directory resolutions remain within the skill's own directory or the repository root.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted documentation content from the internet, which represents a potential attack surface.\n - Ingestion points: Documentation is fetched via the
requestslibrary fromgeminicli.cominscrape_docs.py.\n - Boundary markers: The skill organizes content into structured index entries and extracted subsections before being presented to the AI agent.\n
- Capability inventory: The skill is granted
Bashtool permissions and uses file system operations (write_file,replace).\n - Sanitization: The scraper uses
markdownifyandBeautifulSoupto process HTML content into Markdown, providing a layer of sanitization for the ingested data.\n- [DYNAMIC_EXECUTION]: Standard dynamic loading patterns are used for handling optional dependencies, such asimportlib.import_modulefor theyamllibrary. The skill also processes metadata provided as JSON via command-line arguments inscripts/management/manage_index.py, which is a standard operational pattern for this librarian tool.
Audit Metadata