gcp-cloud-run
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references container images from trusted Google Cloud registries (gcr.io), including official cloud-builders and distroless images.
- [COMMAND_EXECUTION] (SAFE): Deployment logic utilizes standard 'gcloud' CLI commands. No arbitrary command execution or privilege escalation (sudo) was found.
- [DATA_EXFILTRATION] (SAFE): Network operations are restricted to standard Express.js and GCP Function Framework handlers. No unauthorized data access or exfiltration to non-whitelisted domains was identified.
- [PROMPT_INJECTION] (SAFE): No instructions within the markdown or code snippets attempt to bypass safety filters or override agent constraints.
- [DATA_EXPOSURE] (SAFE): Sensitive information is handled using placeholders (e.g., $PROJECT_ID) rather than hardcoded credentials or secrets.
Audit Metadata