gcp-cloud-run

Enables the development of serverless applications on GCP, focusing on Cloud Run services and event-driven functions.

Install this skill

or

38/100

Security score

The gcp-cloud-run skill was audited on May 12, 2026 and we found 22 security issues across 5 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 95

Template literal with variable interpolation in command context

SourceSKILL.md

95	console.log(`Server listening on port ${PORT}`);

medium line 170

Template literal with variable interpolation in command context

SourceSKILL.md

170	res.send(`Hello, ${name}!`);

medium line 199

Template literal with variable interpolation in command context

SourceSKILL.md

199	console.log(`Event: ${cloudEvent.type}`);

medium line 200

Template literal with variable interpolation in command context

SourceSKILL.md

200	console.log(`Bucket: ${file.bucket}`);

medium line 201

Template literal with variable interpolation in command context

SourceSKILL.md

201	console.log(`File: ${file.name}`);

medium line 461

Template literal with variable interpolation in command context

SourceSKILL.md

461	console.log(`Published message ${messageId}`);

medium line 502

Template literal with variable interpolation in command context

SourceSKILL.md

502	host: `/cloudsql/${process.env.INSTANCE_CONNECTION_NAME}`,

medium line 583

Template literal with variable interpolation in command context

SourceSKILL.md

583	name: `projects/${projectId}/secrets/${name}/versions/latest`

medium line 161

Webhook reference - potential data exfiltration

SourceSKILL.md

161	When to use: Simple event handlers,Pub/Sub message processing,Cloud Storage triggers,HTTP webhooks

medium line 1211

Webhook reference - potential data exfiltration

SourceSKILL.md

1211	## Handle long-running with webhooks

low line 93

Access to .env file

SourceSKILL.md

93	const PORT = process.env.PORT \|\| 8080;

low line 498

Access to .env file

SourceSKILL.md

498	user: process.env.DB_USER,

low line 499

Access to .env file

SourceSKILL.md

499	password: process.env.DB_PASS,

low line 500

Access to .env file

SourceSKILL.md

500	database: process.env.DB_NAME,

low line 502

Access to .env file

SourceSKILL.md

502	host: `/cloudsql/${process.env.INSTANCE_CONNECTION_NAME}`,

low line 571

Access to .env file

SourceSKILL.md

571	const apiKey = process.env.API_KEY;

low line 182

Buffer.from base64 decode

SourceSKILL.md

182	? JSON.parse(Buffer.from(message.data, 'base64').toString())

low line 426

Buffer.from base64 decode

SourceSKILL.md

426	? JSON.parse(Buffer.from(message.data, 'base64').toString())

low line 406

External URL reference

SourceSKILL.md

406	--push-endpoint https://my-service-xxx.run.app/pubsub \

low line 759

External URL reference

SourceSKILL.md

759	response = await client.get("https://api.example.com/data")

low line 836

External URL reference

SourceSKILL.md

836	"url": "https://my-service.run.app/process",

low line 1258

External URL reference

SourceSKILL.md

1258	"url": "https://worker.run.app/process",

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 21.5K

Rate this skill

Categorydevelopment

UpdatedMay 20, 2026

frontend design docx git api database testing devops mobile backend backend-developer devops-sre data-engineer gcp docker development

sickn33/antigravity-awesome-skills