google-drive-automation
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill references an external MCP server at https://rube.app/mcp which is not on the trusted repositories or organizations list. While this is the intended mechanism for the skill, it relies on a third-party service outside of the analyzed environment.
- [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection. (1) Ingestion points: The agent retrieves file names, content, and metadata from Google Drive using GOOGLEDRIVE_FIND_FILE and GOOGLEDRIVE_LIST_FILES. (2) Boundary markers: No delimiters or warnings are provided to the agent to treat drive data as untrusted. (3) Capability inventory: The skill provides tools for permission management (GOOGLEDRIVE_ADD_FILE_SHARING_PREFERENCE), file deletion, and movement. (4) Sanitization: No instructions exist to sanitize or validate data before it influences agent logic.
Audit Metadata