gws-drive
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of
gwsCLI commands to interact with the Google Drive API. It includes explicit security rules instructing the agent to confirm write or delete operations with the user and suggesting the use of--dry-runfor destructive tasks. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes data from external sources (Google Drive files via
files list,get, andexport). - Ingestion points: Methods defined in
SKILL.mdfor retrieving file metadata and content. - Boundary markers: Absent. The skill does not define specific delimiters or instructions to treat ingested file content as untrusted.
- Capability inventory: The skill has the ability to write to the filesystem (
-oflag), upload files, and modify permissions (permissions create), which could be targeted by instructions found in processed files. - Sanitization: Absent. There are no instructions for sanitizing or validating the content retrieved from the API.
Audit Metadata