Dialogflow Cx Agents
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If broad Google Cloud credentials are used, the skill can act across any Dialogflow resources those credentials can access.
The skill requires Google Cloud credentials that can authorize Dialogflow CX API actions. This is expected for the purpose, but the credential scope controls what projects and agents can be read or modified.
- Service account or OAuth credentials with Dialogflow API access - `gcloud` CLI authenticated OR bearer token
Use least-privilege credentials limited to the intended project and Dialogflow actions, and avoid using broad owner/admin credentials.
Running the wrong delete command could remove a Dialogflow CX agent from a Google Cloud project.
The CLI exposes a direct delete operation for Dialogflow agents. This is aligned with the stated purpose, but the code does not add an extra confirmation before deletion.
def delete_agent(agent_name: str):
client = AgentsClient()
client.delete_agent(name=agent_name)Confirm the full agent resource name and project/location before update or delete operations, and consider backing up/exporting important agents first.
Dependency installation depends on the user's Python package source and current package versions.
The script requires external Python packages installed manually and does not pin package versions. These are standard Google libraries and purpose-aligned, but the install provenance is left to the user.
Install:
pip install google-cloud-dialogflow-cx google-authInstall dependencies from trusted package indexes and consider pinning versions in a controlled environment.