gws-gmail

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill facilitates the processing of external, untrusted data (email content) which presents a surface for indirect prompt injection.
    • Ingestion points: Gmail messages are retrieved using the list and read subcommands in SKILL.md.
    • Boundary markers: There are no instructions or delimiters defined to help the agent distinguish between its system instructions and the content of the emails being read.
    • Capability inventory: The skill provides capabilities to send, reply, archive, and label messages, which could be abused if an injection is successful.
    • Sanitization: No sanitization or content filtering is implemented or suggested for the retrieved email data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 02:59 AM