skill-gemini-google-search-tool

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to clone the tool's source code from the author's GitHub repository (https://github.com/dnvriend/gemini-google-search-tool.git).
  • [COMMAND_EXECUTION]: The skill provides instructions for enabling shell autocompletion, which involves adding an eval command to user shell profile files like ~/.bashrc or ~/.zshrc. This is a standard and expected configuration for CLI tools.
  • [PROMPT_INJECTION]: The skill utilizes Google Search grounding to retrieve real-time information from the web, which introduces a potential surface for indirect prompt injection. Evidence: (1) Ingestion points: External web content via Google Search results. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded commands are documented in the skill instructions. (3) Capability inventory: The tool performs shell commands and network requests to Google APIs. (4) Sanitization: No explicit sanitization or filtering of search results is mentioned in the provided skill file. This risk is inherent to the tool's intended purpose of search grounding.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 01:14 AM
Security Audit — agent-trust-hub — skill-gemini-google-search-tool