gcloud
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and runs the Google Cloud SDK installer from dl.google.com. Evidence:
curl -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-linux-x86_64.tar.gzand./google-cloud-sdk/install.shinSKILL.md. - [EXTERNAL_DOWNLOADS]: Installs the
firebase-toolspackage from the npm registry. Evidence:npm install -g firebase-toolsinSKILL.md. - [COMMAND_EXECUTION]: Executes shell commands to manage infrastructure, including remote command execution on VM instances via SSH. Evidence: Multiple
gcloudandfirebasecommands inSKILL.md. - [DATA_EXFILTRATION]: Provides instructions for accessing sensitive cloud information, such as secrets and system logs, and includes commands for modifying bucket permissions. Evidence:
gcloud secrets versions access,gcloud logging read, andgsutil iam ch allUsers:objectViewerinSKILL.md. - [PROMPT_INJECTION]: Identifies an indirect prompt injection surface (Category 8) when processing external data sources. Evidence: 1. Ingestion points:
gcloud logging read,gcloud compute instances get-serial-port-output,gcloud secrets versions accessinSKILL.md. 2. Capability inventory: System command execution, cloud administrative access, remote SSH execution. 3. Boundary markers: Absent. 4. Sanitization: Absent.
Audit Metadata