Skills
skills/jetbrains/skills/gws-forms/Gen Agent Trust Hub

gws-forms

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the gws command-line tool to interact with Google Workspace APIs. This is the primary function of the skill and involves standard operations like creating, retrieving, and updating forms.
  • [INDIRECT_PROMPT_INJECTION]: The skill provides the ability to read Google Forms and responses. Content from these external sources could potentially contain malicious instructions intended to influence the agent.
  • Ingestion points: Data enters the agent's context through methods like gws forms get and gws forms responses.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external form data as untrusted.
  • Capability inventory: The agent can execute shell commands via the gws CLI and write to forms.
  • Sanitization: The skill does not implement specific sanitization of the retrieved form content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:49 PM
Security Audit — agent-trust-hub — gws-forms