deep-gemini

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the mcp__zen__clink tool to invoke the gemini CLI within a Windows Subsystem for Linux (WSL) environment. This execution is scoped to analysis tasks and uses hardcoded CLI names, which is a standard operational pattern for this vendor's tools.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes external code files and technical data.
      • Ingestion points: Files are gathered using the Read tool and passed to the mcp__zen__clink tool via the files parameter for analysis.
      • Boundary markers: While the tool instructions are clearly delimited in the prompts, there are no explicit instructions for the AI to ignore potentially malicious embedded commands within the analyzed code files.
      • Capability inventory: The skill has the capability to execute specific CLI commands via clink, perform multi-step document generation via docgen, and save files to the local file system using the Write tool.
      • Sanitization: The skill does not implement explicit sanitization or filtering of the input file content before analysis, relying instead on the specialized documentation tools to handle the data.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 08:25 PM