gws-script
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the 'gws' CLI tool, which is a recognized vendor resource associated with the 'googleworkspace' author for interacting with official APIs.
- [SAFE]: The API methods documented, such as 'projects.getContent' and 'projects.updateContent', are essential functionalities for script management and do not exhibit suspicious behavior.
- [SAFE]: No prompt injection vectors, obfuscated code, or unauthorized network operations were detected in the skill's instructions or metadata.
- [SAFE]: Although the skill can process external script data, which creates a theoretical surface for indirect prompt injection, this capability is the primary intended use-case and is handled through established API channels. (Ingestion points: 'projects.getContent'; Boundary markers: None; Capability inventory: 'projects.updateContent', 'scripts.run'; Sanitization: None).
Audit Metadata