Skills
skills/usetemi/skills/google-drive/Gen Agent Trust Hub

google-drive

Fail

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches installation scripts for uv and rclone from the official domains of well-known services (astral.sh and rclone.org).
  • [COMMAND_EXECUTION]: Instructs the agent to perform silent installations of system packages and tools without user confirmation. It uses shell commands (including sudo bash for rclone installation) and extensively wraps the rclone binary for storage operations.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection by ingesting external data into the agent's context.
  • Ingestion points: The gdrive pull command downloads files from Google Drive to the local environment for subsequent agent interaction.
  • Boundary markers: No specific delimiters or safety warnings are implemented to isolate the content of fetched documents from the agent's instructions.
  • Capability inventory: The skill can execute subprocesses, perform file system operations, and make network requests to Google Cloud APIs.
  • Sanitization: The skill does not validate or sanitize the content of pulled files before they are processed by the agent.
Recommendations
  • HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
Audit Metadata
Risk Level
HIGH
Analyzed
May 15, 2026, 05:58 PM