blink-google-docs

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted data from external Google Docs.
  • Ingestion points: Document content is retrieved in SKILL.md using the GET /documents/DOCUMENT_ID command.
  • Boundary markers: No boundary markers (such as delimiters or instructions to ignore embedded commands) are defined to separate document content from agent instructions.
  • Capability inventory: The skill has the capability to modify documents via POST /documents/DOCUMENT_ID:batchUpdate as described in SKILL.md.
  • Sanitization: No sanitization or validation of the document content is performed before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill utilizes the blink CLI tool to perform operations on the Google Docs API, which is the intended mechanism for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: The documentation references quickchart.io as a recommended service for exporting charts to images. This is a well-known third-party service for chart rendering.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 05:16 PM
Security Audit — agent-trust-hub — blink-google-docs