developing-genkit-python

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Instructions in references/dev-workflow.md advise users to append environment variable exports to their shell configuration file (~/.zshrc) for API key persistence.
  • [EXTERNAL_DOWNLOADS]: The skill provides commands to download and execute an installation script for the uv tool from its official domain at https://astral.sh/uv/install.sh.
  • [PROMPT_INJECTION]: The skill documents an evaluation system in references/evals.md that is susceptible to indirect prompt injection.
      1. Ingestion points: Data is processed from datasets/my_dataset.json.
      2. Boundary markers: No explicit delimiters or instruction overrides are used in the provided code samples.
      3. Capability inventory: The system utilizes ai.generate and ai.define_evaluator to process external data.
      4. Sanitization: No sanitization or input validation logic is included in the examples.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 26, 2026, 01:21 AM