Skills
skills/x-cmd/skill/gemini/Gen Agent Trust Hub

gemini

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for utilizing the x gemini and @gemini command-line interfaces to interact with Google Gemini AI models for tasks such as chat, file translation, and image analysis.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted data from local files (e.g., images, markdown files) using an LLM, which introduces a potential surface for indirect prompt injection. This is a common characteristic of AI integration tools and is considered a low risk in this context.
  • Ingestion points: Local files passed via the --file argument in SKILL.md (e.g., ./pic.jpg, ./abstract.en.md).
  • Boundary markers: Absent; the instructions do not specify the use of delimiters or "ignore" instructions for external content.
  • Capability inventory: Uses the x gemini tool to communicate with external AI services.
  • Sanitization: Absent; there is no mention of content filtering or validation before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 05:40 AM
Security Audit — agent-trust-hub — gemini