gcloud-cli

CRITICAL E004: Prompt injection detected in skill instructions.

• Potential prompt injection detected (high risk: 0.90). The prompt includes a "Memory Protocol" that instructs the agent to read and write .claude/context/memory files and to "ASSUME INTERRUPTION" (altering agent state/flow), which is outside the stated GCP CLI purpose and effectively injects control instructions that change agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill's installation steps explicitly fetch and execute remote code to install the required dependency (curl https://sdk.cloud.google.com | bash and https://dl.google.com/dl/cloudsdk/channels/rapid/GoogleCloudSDKInstaller.exe), so these URLs perform remote-code execution that the skill relies on.