using-cloud-cli

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill explicitly instructs the agent to read sensitive credential stores and service-account key files. Evidence in SKILL.md includes the command cat ~/.aws/credentials and a troubleshooting step that activates a service account with gcloud auth activate-service-account --key-file=key.json, which places long-lived private key material in the agent's working context.
  • [COMMAND_EXECUTION]: The helper script scripts/bq-cost-check.sh accepts a caller-supplied query as positional argument $1 and forwards it to the bq CLI with no validation. Evidence: result=$(bq query --dry_run --use_legacy_sql=false --format=json "$QUERY" 2>&1). Because "$QUERY" is double-quoted, the shell hands it to bq as a single argument with no word-splitting or command substitution, so this line on its own is not a shell command injection; the exposure is that arbitrary, unchecked SQL text reaches bq (only validated and priced while --dry_run is present, executed if that flag is ever dropped) and that bq's stderr is merged into the captured result via 2>&1.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: untrusted user data (SQL query text) flows through a shell script into a CLI tool, and the tool's output, error text included, is captured without any boundary markers or validation separating data from instructions before it is consumed.
  • Ingestion points: scripts/bq-cost-check.sh (argument $1).
  • Boundary markers: Absent.
  • Capability inventory: Bash tool and bq query command execution.
  • Sanitization: Absent.
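To make the two findings concrete, the following is an added example of the gate the audit says is missing; it is not the skill's own scripts/bq-cost-check.sh. It keeps the query as one argv word (the pattern the quoted "$QUERY" already follows), but adds a fail-closed validator in front of bq, exit codes the calling agent can branch on, and a budget check on the dry-run estimate. The function names, the 4000-character limit, the byte budget, and the fake_bq stand-in (which returns constructed job JSON so the script runs offline) are assumptions of this example; the totalBytesProcessed field name is assumed from the BigQuery job resource and should be confirmed against real bq --format=json output.

```shell
#!/usr/bin/env bash
# Added example, not the skill's code: validate untrusted SQL before it reaches
# `bq query --dry_run`, and pass it as exactly one argument.
set -eu

# Accept only a single read-only statement: non-empty, bounded length,
# no statement separator, first word SELECT or WITH. Fails closed on
# anything else (including a leading SQL comment or "SELECT*FROM" with
# no whitespace; the caller can reformat, the gate does not guess).
validate_query() {
  q=$1
  [ -n "$q" ] || return 1
  [ "${#q}" -le 4000 ] || return 1          # assumed limit
  case "$q" in *';'*) return 1 ;; esac      # one statement only
  first=$(printf '%s\n' "$q" | awk 'NF { print toupper($1); exit }')
  case "$first" in
    SELECT|WITH) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed stand-in for the bq CLI so the example runs offline.
# Select it with BQ_CMD=fake_bq; the JSON shape is an assumption.
fake_bq() {
  printf '%s\n' '{"statistics":{"query":{"totalBytesProcessed":"10485760","cacheHit":false}}}'
}

# Default to the real bq binary on PATH unless the caller overrides it.
BQ_CMD=${BQ_CMD:-bq}

# Prints the dry-run byte estimate for a validated query.
# Exit status: 2 = rejected by the gate, 3 = bq failed, 4 = estimate not found.
dry_run_bytes() {
  q=$1
  validate_query "$q" || return 2
  # Every option is its own argv word and the query is one word, so the
  # shell parses nothing inside $q. stderr is deliberately NOT merged into
  # the value returned to the caller.
  out=$("$BQ_CMD" query --dry_run --use_legacy_sql=false --format=json "$q") || return 3
  bytes=$(printf '%s\n' "$out" \
    | sed -nE 's/.*"totalBytesProcessed"[[:space:]]*:[[:space:]]*"?([0-9]+)"?.*/\1/p' \
    | head -n 1)
  [ -n "$bytes" ] || return 4
  printf '%s\n' "$bytes"
}

# 0 if the estimate is within the byte budget, 1 otherwise.
within_budget() {
  bytes=$1; max=$2
  [ "$bytes" -le "$max" ]
}

# Command-line use: ./bq-gate.sh '<sql>' [max_bytes]  (default budget 1 GiB, assumed)
if [ "$#" -gt 0 ]; then
  est=$(dry_run_bytes "$1") || { echo "rejected or dry run failed (status $?)" >&2; exit 1; }
  if within_budget "$est" "${2:-1073741824}"; then
    echo "ok: $est bytes"
  else
    echo "over budget: $est bytes" >&2; exit 1
  fi
fi
```

Because the gate runs before bq is invoked, a rejected query never leaves the host, and the distinct exit codes let the agent treat "gate refused" differently from "service error" instead of parsing merged stderr text.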
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 14, 2026, 08:42 PM