gog
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill operates by executing the 'gog' binary to interact with Google Workspace APIs. This includes reading sensitive information (emails, contacts, files) and performing actions like sending emails or updating documents.
- [EXTERNAL_DOWNLOADS]: The skill installs a binary via a third-party Homebrew tap ('steipete/tap/gogcli'). This repository belongs to the skill author and facilitates the core functionality of the skill.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from external sources.
  - Ingestion points: The skill reads content from external sources via commands such as 'gog gmail search', 'gog drive search', 'gog sheets get', and 'gog docs cat' (SKILL.md).
  - Boundary markers: There are no instructions provided to the agent to use delimiters or ignore embedded instructions within the retrieved content.
  - Capability inventory: The skill possesses write capabilities including sending emails ('gog gmail send'), creating calendar events, and updating spreadsheet values.
  - Sanitization: No sanitization or validation logic is specified for the data retrieved from Google Workspace APIs before it is processed by the agent.
Audit Metadata