gcp-cloud-run
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection patterns or attempts to override agent behavior were detected in the skill instructions.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other sensitive credentials were found. Deployment templates correctly use environment variables and service-based authentication.
- [EXTERNAL_DOWNLOADS]: The skill references official Google Cloud container images (e.g., gcr.io/cloud-builders/docker) and well-known Node.js packages. These are trusted sources following standard development practices.
- [REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities or suspicious script downloads were identified.
- [COMMAND_EXECUTION]: The skill uses standard CLI commands (gcloud, docker) intended for its primary purpose of application deployment and management.
- [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration was found. Network operations are limited to standard application logic and deployment to official Google Cloud services.
Audit Metadata