bigquery-ai-ml
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection Surface: The
AI.GENERATEfunction documented inreferences/ai_generate.mdprocesses content from database tables by incorporating it directly into model prompts. This is a common pattern for processing structured and unstructured data with generative models. - Ingestion points: Data from table columns, such as
article_contentandinvoice_text, are used as inputs for generation inreferences/ai_generate.md. - Boundary markers: Examples show string concatenation; implementing delimiters or specific instructions to ignore embedded content is a standard practice for production workloads.
- Capability inventory: The function facilitates content generation, summarization, and structured data extraction through BigQuery's native Vertex AI integration.
- Sanitization: The examples focus on SQL syntax; data-level sanitization would typically be handled at the application or data pipeline layer.
- External Resource Integration: The documentation demonstrates using BigQuery object tables and connections to access Google Cloud Storage buckets (e.g.,
gs://cloud-samples-data/). These operations use established cloud identity and access management (IAM) permissions within the BigQuery environment.
Audit Metadata