gccli
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of
@mariozechner/gcclivia npm. This package originates from an untrusted individual author, posing a supply chain risk. - COMMAND_EXECUTION (LOW): The skill operates by executing shell commands (
gccli), which is necessary for its functionality but increases the attack surface if used with unsanitized inputs. - INDIRECT_PROMPT_INJECTION (LOW): The skill processes external data from Google Calendar events. A malicious actor could craft a calendar event with instructions designed to manipulate the AI agent's behavior.
- Ingestion points: Output from listing and viewing events via
gccli <email> events. - Boundary markers: None identified in the skill instructions.
- Capability inventory: Shell command execution via the CLI tool.
- Sanitization: No sanitization logic is described for handling event summaries or descriptions.
Audit Metadata