gemini-api-dev
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill uses directive language ('Your knowledge is outdated', 'IMPORTANT') to attempt a knowledge-override, falsely claiming that Gemini 1.5 and 2.0 models are legacy/deprecated in favor of non-existent 'Gemini 3' models.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch API specifications and documentation from 'generativelanguage.googleapis.com' and 'ai.google.dev'. These are official domains belonging to a trusted organization (Google).
- [EXTERNAL_DOWNLOADS]: The skill provides installation instructions for several SDK packages including 'google-genai' (Python), '@google/genai' (Node.js), and 'google.golang.org/genai' (Go). These are verified official packages from a trusted organization.
Audit Metadata