Skills
skills/wadewarren/gws-claude-plugin/gws-workflow-email-to-task/Gen Agent Trust Hub

gws-workflow-email-to-task

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data from Gmail messages (subject and body snippet) and incorporates it into a workflow. This creates a surface for indirect prompt injection where a specially crafted email could attempt to influence the agent's behavior.
  • Ingestion points: Email subject and snippet are ingested via the 'gws' tool (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are present in the skill's logic.
  • Capability inventory: The skill executes the 'gws' command-line tool to perform authenticated actions on Google Workspace services (SKILL.md).
  • Sanitization: There is no evidence of sanitization or filtering of the email content before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 04:56 PM