gcp-cloud-run

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
Full Analysis
  • [EXTERNAL_DOWNLOADS] (INFO): The skill references container images and packages from trusted Google sources.
      • Evidence: Uses gcr.io/cloud-builders/docker, gcr.io/google.com/cloudsdktool/cloud-sdk, and gcr.io/distroless/nodejs20-debian12. These fall under [TRUST-SCOPE-RULE] for the Google organization.
  • [INDIRECT_PROMPT_INJECTION] (INFO): The provided patterns for Express.js and Cloud Run Functions ingest untrusted data from HTTP request bodies, queries, and Pub/Sub messages.
      • Ingestion points: req.params.id in src/index.js, req.query.name and req.body.name in the HTTP Function snippet.
      • Boundary markers: None present in the boilerplate code.
      • Capability inventory: The skill provides instructions for deploying resources via gcloud and cloudbuild.yaml which can create public-facing endpoints (--allow-unauthenticated).
      • Sanitization: No explicit input sanitization is shown in the snippets (common for educational templates). Users should implement validation and sanitization when adapting this code for production.
  • [COMMAND_EXECUTION] (LOW): Includes gcloud CLI commands and Cloud Build configuration for deployment.
      • Finding: The commands are standard administrative operations for the GCP platform and do not contain malicious payloads or obfuscation.

Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 07:14 AM