invoking-gemini
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's code or instructions. The skill follows best practices for credential management by using environment-specific files rather than hardcoded keys.
- [EXTERNAL_DOWNLOADS]: The skill facilitates network communication with Cloudflare AI Gateway and Google's Generative Language API. These are recognized as well-known and trusted services used for their intended purpose.
- [PROMPT_INJECTION]: The skill functions as an interface for LLM models and processes untrusted user data, which constitutes an indirect prompt injection surface.
  1. Ingestion points: The prompt argument in functions invoke_gemini, invoke_with_structured_output, invoke_parallel, and generate_image within gemini_client.py.
  2. Boundary markers: Absent; user prompts are passed directly to the model.
  3. Capability inventory: Network access to model API endpoints and file system access for reading images and writing generated results.
  4. Sanitization: None; input prompts are not validated or sanitized before processing.
Audit Metadata