gemini-delegation

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill is designed to take user-provided requirements and pass them to an external LLM (Gemini) for code generation. This creates a surface where malicious instructions embedded in design requirements could influence the output.
  • Ingestion points: The PROMPT argument in the mcp__gemini__gemini tool call (referenced in SKILL.md).
  • Boundary markers: Partially mitigated by the instruction OUTPUT: Unified Diff Patch ONLY, which attempts to constrain the model's output format.
  • Capability inventory: Uses mcp__gemini__gemini to generate UI/UX code (React, Vue, CSS). The skill explicitly recommends sandbox=True to limit the execution environment's risk.
  • Sanitization: No input sanitization or validation of the provided prompt is defined within the skill itself.
  • [Command Execution] (LOW): The skill utilizes the mcp__gemini__gemini tool. While this tool can generate and potentially lead to the execution of code, the skill's recommendation to enable sandbox=True is a standard security best practice for this capability.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 06:36 AM