Skills
skills/wadewarren/gws-claude-plugin/gws-workflow/Gen Agent Trust Hub

gws-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes commands using the gws binary to manage resources across Google Workspace.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted data from external sources.
  • Ingestion points: Untrusted data is ingested from Gmail messages, meeting summaries, and Drive files via helper commands like +email-to-task and +standup-report.
  • Boundary markers: The skill does not specify any boundary markers or instructions to ignore potential commands embedded within the ingested data.
  • Capability inventory: The skill uses the gws binary to perform read and write operations across various Google services.
  • Sanitization: There is no evidence of input validation or sanitization for the content retrieved from external sources before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 04:56 PM