skills/openclaw/gogcli/gog-people/Gen Agent Trust Hub

gog-people

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates interaction with the Google People API via the 'gog' command-line utility. It promotes secure usage by advising the use of '--readonly' for informational tasks and '--dry-run' for verifying mutations before execution.
  • [SAFE]: The skill manages potential indirect prompt injection risks by requiring the '--wrap-untrusted' flag when the agent processes external data. This provides a boundary for content that could contain malicious instructions. Ingestion points: Data retrieved via 'gog people get' and 'gog people search' in SKILL.md. Boundary markers: Use of the '--wrap-untrusted' flag in SKILL.md. Capability inventory: Shell execution of the 'gog' tool in SKILL.md. Sanitization: Isolation of untrusted data using the wrapping flag in SKILL.md.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 10:52 AM
Security Audit — agent-trust-hub — gog-people