google-agents-cli-publish
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- Official Tool Installation: The skill instructs the agent to install
google-agents-cliusing theuvtool. This is a standard method for deploying the vendor's provided utility to the environment. - Command-Line Operations: The skill utilizes
agents-clifor registering agent resources. This involves executing shell commands to interact with Google Cloud's Gemini Enterprise APIs, which is the primary intended function of the skill. - Data Ingestion Surface: The tool is designed to read
deployment_metadata.jsonand agent card JSON files from remote URLs to automate the registration process. While ingesting external data is a security consideration, in this context, it is a documented feature used for property auto-detection and metadata synchronization. - Environment Configuration: The skill suggests using environment variables (e.g.,
AGENT_RUNTIME_ID) to manage configuration. This follows security best practices for avoiding hardcoded identifiers in scripts or prompts.
Audit Metadata