gws-gmail
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill code or instructions.- [DATA_EXFILTRATION]: The skill transmits email content, URLs, and file metadata to the vendor's API at
ai-skills.ai. This is the intended behavior for providing automated business diagnosis.- [CREDENTIALS_UNSAFE]: The skill requires an API key for authentication, which is correctly managed via theAISKILLS_API_KEYenvironment variable.- [PROMPT_INJECTION]: The skill processes untrusted external data from emails and links. While this creates an attack surface for indirect prompt injection, it is necessary for the skill's analysis functions and no explicit malicious instructions were found.
Audit Metadata