gemini-search

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill directs the agent to execute shell commands incorporating user-provided input (e.g., gemini --prompt "WebSearch: <query>"). This pattern is highly susceptible to shell command injection if the input is not strictly sanitized or escaped by the agent platform.
  • [PROMPT_INJECTION] (HIGH): The skill possesses a significant Indirect Prompt Injection surface (Category 8). It ingests untrusted data from the web via the gemini CLI.
      • Ingestion points: Output from the gemini CLI command.
      • Boundary markers: None. There are no instructions to the agent to treat the CLI output as untrusted or to ignore embedded instructions.
      • Capability inventory: The skill has command execution capabilities, making it dangerous if search results contain malicious instructions that the agent might follow.
      • Sanitization: None. The skill lacks any mechanism to filter or escape content retrieved from the web before the agent processes it.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:29 AM