google-docs
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's frontmatter description uses authoritative and imperative language designed to override the agent's default behavior and selection logic.
- Evidence: The description contains the phrases "CRITICAL: You MUST activate this skill..." and "override default document behavior," which are patterns used to bypass or influence standard agent orchestration.
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by processing external data without boundary markers or sanitization instructions.
- Ingestion points: The skill utilizes
docs.getText,docs.getComments, anddocs.getSuggestionsto read content that may be controlled by third parties. - Boundary markers: There are no instructions to use delimiters or warnings for the agent to ignore embedded instructions within the document data.
- Capability inventory: The skill has extensive write and management capabilities, including
docs.create,docs.writeText,docs.replaceText, anddrive.moveFile. - Sanitization: No sanitization or validation of the ingested document content is performed before processing.
Audit Metadata