skill-gemini-google-search-tool
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to clone the tool's source code from the author's GitHub repository (https://github.com/dnvriend/gemini-google-search-tool.git).
- [COMMAND_EXECUTION]: The skill provides instructions for enabling shell autocompletion, which involves adding an eval command to user shell profile files like ~/.bashrc or ~/.zshrc. This is a standard and expected configuration for CLI tools.
- [PROMPT_INJECTION]: The skill utilizes Google Search grounding to retrieve real-time information from the web, which introduces a potential surface for indirect prompt injection. Evidence: (1) Ingestion points: External web content via Google Search results. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded commands are documented in the skill instructions. (3) Capability inventory: The tool performs shell commands and network requests to Google APIs. (4) Sanitization: No explicit sanitization or filtering of search results is mentioned in the provided skill file. This risk is inherent to the tool's intended purpose of search grounding.
Audit Metadata