gemini-sdk-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists of documentation and code snippets for using the Gemini SDK. No unauthorized command execution, credential theft, or network exfiltration was found.
- [Indirect Prompt Injection] (LOW): The skill describes processing untrusted multimodal data (video, audio, PDFs), which is a known surface for indirect prompt injection.
- Ingestion points:
model.generateContentandcreateContextCachemethods process external files and user-provided text. - Boundary markers: The skill recommends using
responseSchema(Structured Output) to constrain model behavior. - Capability inventory: While the skill itself has no executable scripts, it provides templates for building agents with tool-calling capabilities (documented in
function-calling.md). - Sanitization: The skill explicitly instructs developers to perform input sanitization, use confirmation gates for sensitive actions, and sandbox any executed code (documented in
function-calling.md, Section 5).
Audit Metadata