skills/vm0-ai/vm0-skills/google-cloud/Gen Agent Trust Hub

google-cloud

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use curl and jq to perform network requests and process JSON data from Google Cloud Platform APIs.
  • [DATA_EXFILTRATION]: The skill includes functionality to access sensitive data, specifically retrieving secret payloads from Google Secret Manager (secretmanager.googleapis.com) and downloading object content from Cloud Storage buckets (storage.googleapis.com). These operations are consistent with the primary resource management purpose of the skill.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes data from external sources that can be controlled by users or external entities (e.g., logs, file contents, and secret payloads).
      • Ingestion points: Data is ingested from Cloud Storage objects, Secret Manager versions, Logging entries, and BigQuery results (SKILL.md).
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are included for data retrieved from APIs.
      • Capability inventory: The skill utilizes subprocess execution via curl and jq for all operations (SKILL.md).
      • Sanitization: There is no evidence of explicit sanitization or validation of the data retrieved from Google Cloud APIs before it is incorporated into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 01:52 AM