Gemini Enterprise

Enterprise

Google

Product overview

Name of Agent: Gemini Enterprise

Short description of agent: "discover, create, share, and run AI agents all in one secure platform" (link, archived)

Date of release: 9/04/2025 (link, archived) for initial Agenspace 09/10/2025 (link, archived)

Advertised use: data management and resources for different teams

Monetisation/Usage price: 21 30, more controls and custom coded agents both per seat cost

Who is using it?: enterprises

Website: (https://cloud.google.com/gemini-enterprise/agents, archived)

Category: Enterprise

Company & accountability

Developer: Google

Name of legal entity: Google LLC (link, archived)

Place of legal incorporation: Delaware, USA (link, archived)

For profit company?: Yes

Parent company?: Alphabet Inc

Governance documents analysis: Google Cloud TOS (link, archived), Google Cloud AUP (link, archived), Google Cloud Privacy Notice (link, archived)

AI safety/trust framework: Responsible AI Principles (link, archived), Responsible AI Report, Model Cards (link, archived)

Compliance with existing standards: Immediately listed on trust center page ISO/IEC 27001/27017/27018/27701, SOC 1/2/3, PCI DSS, FedRAMP certifications, GDPR, HIPAA (link, archived) (full list of compliance offerings here (link, archived))

Technical capabilities & system architecture

Model specifications: None found (but presumably Gemini)

Documention: (https://cloud.google.com/gemini/enterprise/docs/agent-designer, archived)

Observation space: Has access to the internet and can be connected to custom data sources.

Action space: Can take actions with data sources and third part tools (e.g. gmail, google drive, jira) (link, archived)

Memory architecture: None found

User interface and interaction design: Node-based canvas

User roles: Designer (user designs agentic workflows)

Component accessibility: Closed source

Autonomy & control

Autonomy level and planning depth: L1-L2: user has full control over how to design the agent and is directly manipulating the canvas. User can also use the built-in assistant, which can make some changes on behalf of the user but user ultimately has full control. Resulting agents are L3-L5: tackles multi-step tasks and might be more proactive about asking for user feedback if prompted to do so but not necessarily default behavior

User approval requirements for different decision types: None

Execution monitoring, traces, and transparency: Visible (albeit summarized) CoT when reasoning is activated

Emergency stop and shut down mechanisms and user control: User can pause/stop the agent at any time

Usage monitoring and statistics and patterns: Assume usage can be monitored via the Google Cloud console

Ecosystem interaction

Identify to humans?: None found

Identifies technically?: Gemini Enterprise REST reference includes a UserInfo.userAgent field described as “User agent as included in the HTTP header,” indicating the User-Agent is client-provided/contextual rather than a published, Gemini Enterprise-specific signature (link, archived)

Interoperability standards and integrations: - A2A, MCP, AP2 (link, archived)

Web conduct: - Third party services can be used to access the web (link, archived) - Vertex AI Agent Builder uses Google Search (link, archived), which relies on Google's crawlers - Custom agents can be built using the Agent Development Kit (ADK) in Vertex AI (link, archived)

Safety, evaluation & impact

Technical guardrails and safety measures: Gemini Enterprise includes Model Armor as “built-in guardrails” that screen user prompts and responses to proactively detect prompt injection, jailbreaking, and sensitive data (link , archived)Model Armor templates support enforcement modes: Inspect and block (default) (blocks and shows an error) and Inspect only (non-blocking) (link, archived)

Sandboxing and containment approaches: None found

What types of risks were evaluated?: None found

(Internal) safety evaluations and results: None found

Third-party testing, audits, and red-teaming: None found

Benchmark performance and demonstrated capabilities: None found

Bug bounty programmes and vulnerability disclosure: Yes (link, archived)

Any known incidents?: 2025 product-specific security issue affecting Google Gemini Enterprise (“GeminiJack” indirect prompt injection / zero-click data exfiltration risk) was reported to Google in June 2025, link, (link, archived)

← Back to 2025 Index