agent-platform-deploy

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • Administrative Command Execution: The skill uses gcloud and curl to manage cloud resources, including model deployment, endpoint creation, and deletion.
    • Evidence: Multiple instances in SKILL.md and references/copy_deploy_guide.md using gcloud ai and curl -X POST commands.
    • Context: These operations are the primary function of the skill. The instructions include a mandatory "Safety & Confirmation Tiers" framework (Tier R, M, and D) under which the user must explicitly approve mutating or destructive actions before they are run.
  • Identity and Access Management (IAM) Modifications: The skill provides instructions for adding IAM policy bindings so that service agents can access models across projects.
    • Evidence: gcloud projects add-iam-policy-binding ${SOURCE_PROJECT} --role="roles/aiplatform.serviceAgent" in references/copy_deploy_guide.md.
    • Context: This is a standard requirement for cross-project model copying in Vertex AI. The skill guides the user through verifying existing permissions before suggesting changes. The binding is granted at the project level on the source project, so the user should confirm that the member being added is the intended service agent before approving the change.
  • Local CLI Environment Configuration: A helper script modifies the local gcloud configuration, including setting the active account and overriding the Vertex AI API endpoint to point at a sandbox environment.
    • Evidence: scripts/config_gcloud_cli.sh executes gcloud config set account "${USER}"@google.com and sets api_endpoint_overrides/aiplatform.
    • Context: This configuration is specific to the vendor's internal or development workflows. Running the script changes the active gcloud profile and directs subsequent aiplatform API calls to the sandbox endpoint. Users can inspect the effect with gcloud config list before and after, or run the script under a dedicated named configuration (gcloud config configurations create) so that the default profile is left untouched.
  • Indirect Prompt Injection Surface: The prediction verification script accepts user-provided text and interpolates it into the JSON payload of an API call.
    • Evidence: In SKILL.md, the PROMPT variable is spliced into a curl request body as "content": "'"$PROMPT"'".
    • Context: This is a data ingestion point where untrusted input could influence the model's output, but it is only used to verify a successful deployment, and the skill has the user supply the prompt, keeping a human in the loop. Because the value is spliced into the JSON text without escaping, a prompt containing a double quote or backslash breaks the JSON body or changes its structure instead of being sent as a plain string.
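The IAM finding above says the skill checks existing permissions before proposing a binding. The following is an added example of that check, not the skill's own code: it consumes the JSON that `gcloud projects get-iam-policy PROJECT --format=json` prints, decides whether an unconditional binding for the Vertex AI service agent already exists, and otherwise produces the `gcloud projects add-iam-policy-binding` command for the user to approve. The sample policy is constructed, and the `service-<project-number>@gcp-sa-aiplatform.iam.gserviceaccount.com` member format is an assumption about the service agent's address, not something the audited skill states.

```python
"""Decide whether a cross-project IAM binding is already present before
proposing `gcloud projects add-iam-policy-binding` (added example)."""
import json
import shlex

ROLE = "roles/aiplatform.serviceAgent"

# Constructed sample of `gcloud projects get-iam-policy --format=json` output.
SAMPLE_POLICY_JSON = json.dumps({
    "bindings": [
        {"role": "roles/viewer",
         "members": ["user:alice@example.com"]},
        {"role": ROLE,
         "members": ["serviceAccount:service-111@gcp-sa-aiplatform.iam.gserviceaccount.com"]},
        {"role": ROLE,
         "members": ["serviceAccount:service-222@gcp-sa-aiplatform.iam.gserviceaccount.com"],
         # A conditional binding only grants the role while the condition holds,
         # so it is not treated as an unconditional grant below.
         "condition": {"title": "expired",
                       "expression": "request.time < timestamp('2020-01-01T00:00:00Z')"}},
    ],
    "etag": "BwXsample",
    "version": 3,
})


def vertex_service_agent(project_number: str) -> str:
    """IAM member string for a project's Vertex AI service agent (assumed format)."""
    return f"serviceAccount:service-{project_number}@gcp-sa-aiplatform.iam.gserviceaccount.com"


def has_unconditional_binding(policy: dict, role: str, member: str) -> bool:
    """True if `member` holds `role` through a binding that carries no condition."""
    for binding in policy.get("bindings", []):
        if binding.get("role") != role or "condition" in binding:
            continue
        if member in binding.get("members", []):
            return True
    return False


def plan_binding(policy_json: str, source_project: str, dest_project_number: str,
                 role: str = ROLE) -> dict:
    """Return the mutating action (if any) the copy needs, as a dict the agent
    can show to the user for explicit confirmation before running it."""
    policy = json.loads(policy_json)
    member = vertex_service_agent(dest_project_number)
    if has_unconditional_binding(policy, role, member):
        return {"action": "none", "member": member, "role": role}
    cmd = ["gcloud", "projects", "add-iam-policy-binding", source_project,
           f"--member={member}", f"--role={role}"]
    return {"action": "add", "member": member, "role": role,
            "command": shlex.join(cmd)}


if __name__ == "__main__":
    # Project 111 already holds the role; 222 only has an expired conditional grant.
    print(plan_binding(SAMPLE_POLICY_JSON, "src-proj", "111"))
    print(plan_binding(SAMPLE_POLICY_JSON, "src-proj", "222"))
```

The returned command string is exactly what should be surfaced for the Tier confirmation step; the check is deliberately strict about conditional bindings so that an expired or scoped grant is not mistaken for the unconditional one the model copy needs.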
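To make the prompt-injection finding concrete, the following added example (not the skill's code) reproduces the `"content": "'"$PROMPT"'"` splice quoted in the evidence as a string concatenation and puts it beside a JSON encoder. The surrounding request shape (a `messages` list with `role` and `content`) and the three prompts are constructed assumptions; the point is what happens to the body when the prompt contains a double quote.

```python
"""Build the prediction-check request body: shell-style splice vs. JSON encoder
(added example)."""
import json


def naive_payload(prompt: str) -> str:
    """Equivalent of the shell splice "content": "'"$PROMPT"'": the prompt text
    is pasted into the JSON source verbatim, with no escaping."""
    return '{"messages": [{"role": "user", "content": "' + prompt + '"}]}'


def safe_payload(prompt: str) -> str:
    """json.dumps escapes quotes, backslashes and control characters, so the
    prompt can only ever be the value of the "content" field."""
    return json.dumps({"messages": [{"role": "user", "content": prompt}]})


def parse_or_none(body: str):
    """Decoded body, or None when the API would reject it as malformed JSON."""
    try:
        return json.loads(body)
    except json.JSONDecodeError:
        return None


# Constructed prompts: a plain one, one containing quotes, and one that closes
# the string early and adds a sibling field to the message object.
PLAIN = "Say hello in one word."
QUOTED = 'Translate "hello" to French.'
INJECT = 'x", "name": "injected", "tail": "'


def first_message(body: str):
    """The message object the API would see, or None for a malformed body."""
    parsed = parse_or_none(body)
    return None if parsed is None else parsed["messages"][0]


if __name__ == "__main__":
    for prompt in (PLAIN, QUOTED, INJECT):
        print("naive:", first_message(naive_payload(prompt)))
        print("safe: ", first_message(safe_payload(prompt)))
```

In the skill's own shell script the same fix is to generate the body with a JSON-aware tool rather than string splicing, for example `jq -n --arg p "$PROMPT" '{messages: [{role: "user", content: $p}]}'` piped to `curl --data-binary @-`.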
Audit Metadata
Risk Level: SAFE
Analyzed: May 28, 2026, 06:21 PM
Security Audit — agent-trust-hub — agent-platform-deploy