gog
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
gogCLI tool to automate tasks across Google Workspace. It implements several security best practices, including the use of--dry-runfor testing,--no-inputfor headless environments, and explicit command filtering via--enable-commandsand--disable-commandsto enforce the principle of least privilege. - [PROMPT_INJECTION]: The skill acknowledges the risk of indirect prompt injection when reading untrusted data from emails, documents, or spreadsheets.
- Ingestion points:
SKILL.md(via data-fetching commands such asgog gmail get,gog docs cat, andgog drive ls). - Boundary markers: Present; the skill explicitly instructs the agent to use the
--wrap-untrustedflag when reading Google content to provide clear delimiters for the LLM. - Capability inventory:
SKILL.md(includes mutation commands likegog docs write,gog sheets update, andgog drive uploadacross the implementation files). - Sanitization: Present; the skill recommends the
--sanitize-contentflag to strip potentially malicious payloads from Gmail message bodies before processing. - [SAFE]: The skill demonstrates high security maturity by providing explicit warnings against printing access tokens or secrets, advising on secure keyring configurations, and encouraging the use of scoped readonly access whenever possible.
Audit Metadata