gcloud-cli
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions that fetch the official Google Cloud SDK from well-known domains (sdk.cloud.google.com and dl.google.com).
- [COMMAND_EXECUTION]: The gcloud-cli operations are performed by spawning the gcloud binary. The implementation in scripts/main.cjs uses shell: false, which prevents shell-level command injection by ensuring arguments are not interpreted by a shell environment.
- [PROMPT_INJECTION]: Analyzed for indirect prompt injection surface. 1. Ingestion points: Command-line arguments via process.argv in scripts/main.cjs. 2. Boundary markers: None present. 3. Capability inventory: Spawns the gcloud binary in scripts/main.cjs. 4. Sanitization: Uses shell: false to ensure arguments are passed safely to the subprocess.
Audit Metadata