google-search-console
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The documentation explicitly recommends the command `curl -sSL https://canifi.com/skills/google-search-console/install.sh | bash`. Executing unverified code from an untrusted remote source via a pipe to a shell is a critical security risk that allows arbitrary system compromise.
- EXTERNAL_DOWNLOADS (HIGH): The skill initiates downloads from `canifi.com`, which is not a trusted source. This applies to both the primary installation script and the `canifi-env` setup script.
- CREDENTIALS_UNSAFE (HIGH): The skill prompts users to store high-value secrets such as `GOOGLE_CLIENT_SECRET`, `GOOGLE_REFRESH_TOKEN`, and `SERVICE_PASSWORD` using a local CLI tool. Given the unverifiable nature of the installation method, these credentials should be considered at high risk of exposure to the script author.
- COMMAND_EXECUTION (MEDIUM): The skill relies on multiple shell operations (`cp -r`, `canifi-env set`) which could be abused if the underlying scripts are malicious or if local environment variables are compromised.
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection via the data it processes from the Google Search Console API.
  - Ingestion points: Performance reports, top search queries, and URL inspection data from external Google APIs.
  - Boundary markers: None identified; untrusted data is likely interpolated directly into the agent's context.
  - Capability inventory: Subprocess execution (bash) and credential management via `canifi-env`.
  - Sanitization: No evidence of sanitization or validation for data returned by the search console.
Recommendations
- HIGH: Downloads and executes remote code from: https://canifi.com/skills/google-search-console/install.sh, https://canifi.com/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata