cs-workspace-admin

SUSPICIOUS: The skill’s purpose and capabilities are broadly aligned with Google Workspace administration, and the apparent data flow is to official Google services rather than a proxy. However, it delegates sensitive admin actions and credential handling to a third-party CLI from a different org, and the skill enables high-impact autonomous real-world changes. This looks more like a high-privilege admin integration than malware, but it carries meaningful operational and credential risk.