gws-gmail

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill code or instructions.- [DATA_EXFILTRATION]: The skill transmits email content, URLs, and file metadata to the vendor's API at ai-skills.ai. This is the intended behavior for providing automated business diagnosis.- [CREDENTIALS_UNSAFE]: The skill requires an API key for authentication, which is correctly managed via the AISKILLS_API_KEY environment variable.- [PROMPT_INJECTION]: The skill processes untrusted external data from emails and links. While this creates an attack surface for indirect prompt injection, it is necessary for the skill's analysis functions and no explicit malicious instructions were found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:58 AM
Security Audit — agent-trust-hub — gws-gmail