cloud-run
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the @google-cloud/cloud-run-mcp package from a well-known service provider to extend agent capabilities with specialized Google Cloud Run tools.
- [REMOTE_CODE_EXECUTION]: Executes the @google-cloud/cloud-run-mcp package using npx. This dependency originates from a trusted source and is part of the intended deployment functionality.
- [COMMAND_EXECUTION]: Utilizes the Bash tool to execute gcloud, docker, and curl commands for service deployment, configuration, and verification.
- [DATA_EXFILTRATION]: Accesses service configurations and application logs through gcloud run services describe and gcloud run services logs read, which is necessary for monitoring and debugging.
- [PROMPT_INJECTION]: The skill processes untrusted data from application logs through commands like gcloud run services logs read. This presents an indirect prompt injection surface. Evidence:
  1. Ingestion points: gcloud run services logs read in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: Bash, gcloud, docker, curl tools.
  4. Sanitization: Absent.