Gemini Enterprise

Enterprise

Google

Product overview

Name of Agent: Gemini Enterprise

Short description of agent: "discover, create, share, and run AI agents all in one secure platform" (link, archived)

Date of release: 9/04/2025 (link, archived) for initial Agenspace 09/10/2025 (link, archived)

Advertised use: data management and resources for different teams

Monetisation/Usage price: 21 30, more controls and custom coded agents both per seat cost

Who is using it?: enterprises

Website: (https://cloud.google.com/gemini-enterprise/agents, archived)

Category: Enterprise

Company & accountability

Developer: Google

Name of legal entity: Google LLC (link, archived)

Place of legal incorporation: Delaware, USA (link, archived)

For profit company?: Yes

Parent company?: Alphabet Inc

Governance documents analysis: Google Cloud TOS (link, archived), Google Cloud AUP (link, archived), Google Cloud Privacy Notice (link, archived)

AI safety/trust framework: Responsible AI Principles (link, archived), Responsible AI Report, Model Cards (link, archived)

Compliance with existing standards: Immediately listed on trust center page ISO/IEC 27001/27017/27018/27701, SOC 1/2/3, PCI DSS, FedRAMP certifications, GDPR, HIPAA (link, archived) (full list of compliance offerings here (link, archived))

Technical capabilities & system architecture

Model specifications: None found (but presumably Gemini)

Documention: (https://cloud.google.com/gemini/enterprise/docs/agent-designer, archived)

Observation space: Has access to the internet and can be connected to custom data sources.

Action space: Can take actions with data sources and third part tools (e.g. gmail, google drive, jira) (link, archived)

Memory architecture: None found

User interface and interaction design: Node-based canvas

User roles: Designer (user designs agentic workflows)

Component accessibility: Closed source

Autonomy & control

Autonomy level and planning depth: L1-L2: user has full control over how to design the agent and is directly manipulating the canvas. User can also use the built-in assistant, which can make some changes on behalf of the user but user ultimately has full control. Resulting agents are L3-L5: tackles multi-step tasks and might be more proactive about asking for user feedback if prompted to do so but not necessarily default behavior

User approval requirements for different decision types: None

Execution monitoring, traces, and transparency: Visible (albeit summarized) CoT when reasoning is activated

Emergency stop and shut down mechanisms and user control: User can pause/stop the agent at any time

Usage monitoring and statistics and patterns: Assume usage can be monitored via the Google Cloud console

Ecosystem interaction

Identify to humans?: None found

Identifies technically?: Gemini Enterprise REST reference includes a UserInfo.userAgent field described as “User agent as included in the HTTP header,” indicating the User-Agent is client-provided/contextual rather than a published, Gemini Enterprise-specific signature (link, archived)

Interoperability standards and integrations: A2A, MCP, AP2 (link, archived).

Web conduct: Third party services can be used to access the web (link, archived). Vertex AI Agent Builder uses Google Search (link, archived), which relies on Google's crawlers. Custom agents can be built using the Agent Development Kit (ADK) in Vertex AI (link, archived).

Safety, evaluation & impact

Technical guardrails and safety measures: Gemini Enterprise includes Model Armor as “built-in guardrails” that screen user prompts and responses to proactively detect prompt injection, jailbreaking, and sensitive data (link , archived)Model Armor templates support enforcement modes: Inspect and block (default) (blocks and shows an error) and Inspect only (non-blocking) (link, archived)

Sandboxing and containment approaches: None found

What types of risks were evaluated?: None found

(Internal) safety evaluations and results: None found

Third-party testing, audits, and red-teaming: None found

Benchmark performance and demonstrated capabilities: None found

Bug bounty programmes and vulnerability disclosure: Yes (link, archived)

Any known incidents or reported vulnerabilities?: 2025 product-specific security issue affecting Google Gemini Enterprise (“GeminiJack” indirect prompt injection / zero-click data exfiltration risk) was reported to Google in June 2025, (link, archived)

← Back to 2025 Index