The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local Python scripts and invokes system binaries like gcloud and curl for authentication and API communication. These calls use argument lists rather than shell strings, and potential inputs (like project IDs or bucket names) are sanitized using robust regular expressions in validation.py to mitigate command injection risks.
[DATA_EXFILTRATION]: Network operations are exclusively directed toward official Google Cloud API endpoints (*.googleapis.com). Sensitive credentials, such as Bearer tokens, are managed securely by writing them to temporary files with 0600 permissions before being read by curl, preventing exposure in the system's process list.
[PROMPT_INJECTION]: The skill's instructions focus on providing structured security assessments. No attempts to override agent behavior, bypass safety filters, or extract system prompts were detected.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. All logic is self-contained within the provided Python scripts, and no dynamic execution of untrusted code (such as eval or exec) is performed.

gcs-security-assessment