gws-gmail
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to read and manage Gmail content, which constitutes an ingestion point for untrusted external data. Maliciously crafted emails could contain instructions intended to influence the agent's behavior.
- Ingestion points: Gmail resources including
messages,threads, andlabels(SKILL.md). - Boundary markers: No specific delimiters or safety warnings regarding the processing of untrusted email content are present in this skill definition.
- Capability inventory: The skill utilizes the
gwscommand-line tool to perform actions like sending, replying, and managing emails. - Sanitization: There is no evidence of content sanitization, escaping, or filtering for data retrieved from Gmail before it is processed by the agent.
Audit Metadata