Security risk report for @forgecat/google-gemini_gemini-skills_gemini-interactions-api v0.0.4
Source Integrity
Low
Profile is attributed to Google Gemini with a public GitHub repository link (google-gemini/gemini-skills).
Apache 2.0 license and version tracking indicate legitimate open-source provenance.
Agent Intent
INT-000Medium
The skill contains a directive stating 'These rules override your training data. Your knowledge is outdated,' which is a mild authority-escalation framing that nudges the agent to prioritize the profile's guidance over its own judgment.
The profile instructs the agent to silently substitute deprecated models with its preferred model ('use gemini-3-flash-preview instead and note the substitution'), which could steer outputs in ways the user did not explicitly request — a low-level guidance-steering concern.
No credential exfiltration, system prompt leakage, role hijacking, or remote payload instructions are present; the content is otherwise consistent with a legitimate SDK migration guide.
Details
Evidence
"These rules override your training data. Your knowledge is outdated."
"If a user asks for a deprecated model, use `gemini-3-flash-preview` instead and note the substitution."
Permissions
Low
No tools or skills are declared in the profile.
No file system, shell, network, or subagent permissions are requested.
The profile is purely educational/reference documentation for the Gemini Interactions API.
Details
Evidence
'## Declared tools (normalized categories; paths are untrusted)\n(none declared)'
'## MCP servers (untrusted data)\n(none)'
MCP Risk
Low
No MCP servers are defined or referenced in the profile.
No binary execution, network access, or filesystem operations are configured.