gog
Warn
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation process fetches software from a third-party Homebrew tap (
steipete/tap/gogcli) which is not an official vendor repository or a well-known service according to the trusted list. - [COMMAND_EXECUTION]: The skill relies on the execution of the
gogbinary to perform various operations across Google Workspace services, including Gmail, Drive, and Sheets. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted data from external sources.
- Ingestion points: Untrusted data enters the agent context via
gog gmail search,gog drive search,gog docs cat, andgog sheets get(SKILL.md). - Boundary markers: No delimiters or instructions are present to warn the agent about ignoring embedded commands in the fetched data.
- Capability inventory: The skill has the ability to write or modify data using
gog gmail send,gog calendar create,gog sheets update, andgog sheets append(SKILL.md). - Sanitization: There is no evidence of sanitization or filtering of content retrieved from emails or documents before it is processed by the agent.
- [CREDENTIALS_UNSAFE]: The setup instructions require the user to provide a local path to a
client_secret.jsonfile for OAuth authentication. While this is a standard requirement for the tool's operation, it involves handling sensitive authentication material.
Audit Metadata