googlecloudplatform/gcp-agent-safety-gatekeeper
ai-ml/dev-signal/.agent/skills/gcp-agent-safety-gatekeeper/SKILL.md
Implements the "Defense-in-Depth" integration pattern in Python (intercepting prompts, parsing filter results).
$ install --global
skillsauthnpx skillsauth add googlecloudplatform/devrel-demos gcp-agent-safety-gatekeeperInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 5, 2026, 1:59 PM6.8s2 files scanned
SKILL.md
- name:
- gcp-agent-safety-gatekeeper
- description:
- Implements the "Defense-in-Depth" integration pattern in Python (intercepting prompts, parsing filter results).
gcp-agent-safety-gatekeeper
This skill implements the Python integration layer for Model Armor. Grounded in security_blog.md, it provides the safety_util functions needed to intercept prompts, sanitize them against your security policy, and handle safety triggers in your FastAPI backend.
Usage
Ask Antigravity to:
- "Add a safety gatekeeper to my agent backend"
- "Implement Model Armor prompt sanitization in Python"
- "Create a safety utility to parse Model Armor findings"
- "Handle prompt injection errors in my FastAPI app"
Integration Pattern
- Client Initialization: Configures the
ModelArmorClientwith the correct regional endpoint. safety_util.py: A robust parser that convertsSanitizeUserPromptResponseinto a list of human-readable security triggers (e.g., "Prompt Injection", "PII: Person names").- Application Interception: Logic to block or sanitize prompts before they reach the GenAI model or agent orchestrator.
Boilerplate Implementation
Refer to scripts/safety_util.py for the core parsing logic.
Related Skills
googlecloudplatform/gcp-agent-sdp-template-factory
devops
VerifiedTrustedCommunity
Standardizes the creation of Sensitive Data Protection (DLP) templates for PII and credential redaction.
260SKILL.mdUpdated Apr 5, 2026
googlecloudplatform/gcp-agent-model-armor-shield
testing
VerifiedTrustedCommunity
Configures Model Armor security policies (Prompt Injection, Jailbreak, RAI filters).
260SKILL.mdUpdated Apr 5, 2026
googlecloudplatform/gcp-agent-golden-dataset-builder
tools
VerifiedTrustedCommunity
Assists developers in collecting and structuring a library of diverse examples ("Golden Dataset") required for data-driven evaluation, including tool trajectories.
260SKILL.mdUpdated Apr 5, 2026
googlecloudplatform/gcp-agent-eval-metric-configurator
tools
VerifiedTrustedCommunity
Provides templates for configuring Vertex AI Gen AI Evaluation metrics like GROUNDING, TOOL_USE_QUALITY, and ResponseMatch for specific agent domains.
260SKILL.mdUpdated Apr 5, 2026