Skills
skills/gemini-cli-extensions/alloydb-omni/alloydb-omni-performance/Gen Agent Trust Hub

alloydb-omni-performance

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The scripts use npx --yes to ensure the @toolbox-sdk/server@1.1.0 package is available, which may involve downloading it from the npm registry at runtime.
  • [REMOTE_CODE_EXECUTION]: The skill executes code from a remote versioned package (@toolbox-sdk/server) during tool invocation. This package is an expected component of the tool's infrastructure.
  • [COMMAND_EXECUTION]: Each script uses child_process.spawn to invoke the toolbox server. On Windows platforms, this is executed via a shell (shell: true) with specific escaping logic for command arguments.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection via SQL parameters. Ingestion points: sql and query parameters in execute_sql.js and get_query_plan.js. Boundary markers: None identified in script logic. Capability inventory: SQL execution and database statistics retrieval via spawn. Sanitization: No validation or sanitization is performed on user-supplied queries before they are passed to the database.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:18 AM