Skills
skills/steipete/gogcli/gog/Gen Agent Trust Hub

gog

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gog CLI tool to perform operations across Google Workspace services (Gmail, Drive, Sheets, etc.). All commands are aligned with the skill's stated purpose of automation and data management.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources (e.g., email content, document text), creating an indirect prompt injection surface. This is mitigated by explicit safety instructions provided in the documentation.
  • Ingestion points: SKILL.md (via gmail get, docs cat, sheets get commands).
  • Boundary markers: None explicitly defined in the provided command examples.
  • Capability inventory: The gog tool performs network operations (API calls) and file modifications (upload, write).
  • Sanitization: The skill recommends using the --sanitize-content flag for Gmail and --readonly service scopes to limit exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 12:07 AM
Security Audit — agent-trust-hub — gog