gog

Warn

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's installation process fetches software from a third-party Homebrew tap (steipete/tap/gogcli) which is not an official vendor repository or a well-known service according to the trusted list.
  • [COMMAND_EXECUTION]: The skill relies on the execution of the gog binary to perform various operations across Google Workspace services, including Gmail, Drive, and Sheets.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted data from external sources.
  • Ingestion points: Untrusted data enters the agent context via gog gmail search, gog drive search, gog docs cat, and gog sheets get (SKILL.md).
  • Boundary markers: No delimiters or instructions are present to warn the agent about ignoring embedded commands in the fetched data.
  • Capability inventory: The skill has the ability to write or modify data using gog gmail send, gog calendar create, gog sheets update, and gog sheets append (SKILL.md).
  • Sanitization: There is no evidence of sanitization or filtering of content retrieved from emails or documents before it is processed by the agent.
  • [CREDENTIALS_UNSAFE]: The setup instructions require the user to provide a local path to a client_secret.json file for OAuth authentication. While this is a standard requirement for the tool's operation, it involves handling sensitive authentication material.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — gog