The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill installs the gog command-line tool from a third-party Homebrew repository (steipete/tap/gogcli) as part of its setup process.
[COMMAND_EXECUTION]: The skill executes the gog binary to perform automated actions on Google Workspace services based on user requests.
[DATA_EXFILTRATION]: The skill provides tools for reading and writing sensitive user data across Gmail, Google Drive, Google Sheets, and Google Docs. While this is the intended functionality, it grants the agent access to high-privilege information.
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests untrusted data from external sources (emails, documents, sheets) that could contain malicious instructions designed to hijack the agent's logic.
Ingestion points: Reading content via gog gmail messages search, gog drive search, gog sheets get, and gog docs cat.
Boundary markers: No explicit delimiters or "ignore embedded instructions" warnings are used when the agent processes the retrieved content.
Capability inventory: The skill possesses high-impact capabilities including sending emails (gog gmail send), modifying spreadsheets (gog sheets update), and creating calendar events (gog calendar create).
Sanitization: There is no evidence of sanitization or structural validation for the content retrieved from external Google Workspace APIs before it is processed by the AI.

gog