codex-gemini
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of instructional text and contains no executable code, scripts, or automated commands.
- [DATA_EXPOSURE]: The instructions recommend storing API keys in a local file (~/.gemini.env) rather than in the repository. This is a standard security practice for managing secrets and prevents accidental credential exposure.
- [EXTERNAL_DOWNLOADS]: The skill references an official Google domain (aistudio.google.com) for the user to generate their own API key, which is a recognized and legitimate service.
Audit Metadata