gemini-cli
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No attempts to override agent behavior or extract system prompts were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or malicious exfiltration patterns detected. The tool handles API keys securely via environment variables.
- [Obfuscation] (SAFE): No obfuscated content, homoglyphs, or hidden characters identified.
- [Unverifiable Dependencies & Remote Code Execution] (LOW): Installation instructions reference the trusted '@google' npm scope and the trusted 'google-gemini' GitHub organization. The 'skills install' feature is a documented capability requiring user consent.
- [Indirect Prompt Injection] (LOW): The tool has surfaces for indirect injection through web fetching and file reading, but mitigates these via a robust security model involving sandboxing and a fine-grained Policy Engine.
- [Privilege Escalation] (SAFE): No unauthorized privilege escalation patterns found. The tool emphasizes restricted, containerized execution.
Audit Metadata