google-drive
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@googleworkspace/clipackage via NPM or Homebrew. This is the official command-line interface for Google Workspace, maintained within the official Google Workspace organization on GitHub. - [CREDENTIALS_UNSAFE]: The skill interacts with a sensitive environment variable,
$GOOGLE_DRIVE_TOKEN. It demonstrates secure handling by explicitly instructing the agent never to log or echo this secret, ensuring it remains within the execution context. - [COMMAND_EXECUTION]: The skill uses
curlandjqto interact with the Google Drive v3 REST API. All network requests target official Google domains (googleapis.com), which is appropriate for its intended functionality. - [SAFE]: The skill implements safety checkpoints by instructing the agent to show the exact target list and request user confirmation before performing destructive operations like renaming, moving, or trashing files.
Audit Metadata