Skills
skills/x-zero-l/gemini-cli-skill/gemini-cli/Gen Agent Trust Hub

gemini-cli

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [Command Execution] (LOW): The skill's primary function is to execute shell commands (gemini, node). This is the intended behavior for interacting with local tools and is restricted to the local environment's permissions.
  • [Indirect Prompt Injection] (LOW): The skill is designed to read and process local files (e.g., using @path or @. syntax) which creates a surface for indirect prompt injection if those files contain malicious instructions.
  • Ingestion points: Local files and directories are ingested via the @ reference system in SKILL.md examples.
  • Boundary markers: No specific boundary markers or 'ignore' instructions are defined to separate file content from the system prompt.
  • Capability inventory: The skill can execute the gemini binary and node scripts, allowing for file system reads and network communication with Google's APIs.
  • Sanitization: No sanitization or filtering of file content is specified before the data is processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:00 PM