gws-drive
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to process untrusted data retrieved from the Google Drive API. \n
- Ingestion points: Untrusted data enters the agent context through methods such as
files.get,files.download,comments.list, andrevisions.get, which ingest user-controlled content. \n - Boundary markers: The analyzed file does not define boundary markers or explicit instructions for the agent to ignore or delimit embedded commands within retrieved data. \n
- Capability inventory: The skill possesses significant capabilities, including the ability to create, update, and delete files and permissions (
files.create,files.update,permissions.delete), which could be leveraged if an injection is successful. \n - Sanitization: There is no documentation regarding the sanitization or validation of content fetched from the API before it is processed by the agent.
Audit Metadata