gemini
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill defines an installation procedure using the Homebrew package manager to fetch the 'gemini-cli' formula.
- [COMMAND_EXECUTION]: The skill instructs the agent to interact with the 'gemini' binary for model querying and extension management.
- [PROMPT_INJECTION]: The skill presents an interface for passing natural language prompts to a language model, which constitutes a surface for indirect prompt injection when processing untrusted data.
- Ingestion points: CLI prompt arguments described in SKILL.md.
- Boundary markers: None provided to delimit user-provided content from instructions.
- Capability inventory: The tool interacts with the Gemini API; the skill itself does not define additional file-system or network operations beyond the tool's core functionality.
- Sanitization: No sanitization or escaping logic is applied to interpolated content.
Audit Metadata