Skills
skills/googlecloudplatform/cloud-foundation-fabric/fabric-builder/Gen Agent Trust Hub

fabric-builder

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves module metadata, README files, and Terraform variable definitions from the official Google Cloud Foundation Fabric repository on GitHub via a local Python helper script.
  • [COMMAND_EXECUTION]: Utilizes a local Python script (scripts/fabric.py) to automate data retrieval from the GitHub API and recommends using standard terraform CLI tools (fmt, validate, plan) to check generated code.
  • [PROMPT_INJECTION]: The skill processes external data fetched from GitHub, which presents a surface for indirect prompt injection.
  • Ingestion points: Module READMEs and variable files are fetched by scripts/fabric.py from the remote repository.
  • Boundary markers: The script wraps fetched content in <BEGIN> and <END> delimiters to distinguish it from the agent's instructions.
  • Capability inventory: The skill has the ability to execute the fabric.py script and standard terraform commands.
  • Sanitization: The script performs basic sanitization by stripping standard license and copyright headers using regular expressions before presenting the data to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 10:45 PM
Security Audit — agent-trust-hub — fabric-builder