G-Pilot Google Provisioning
Audited by Socket on Feb 21, 2026
1 alert found:
Obfuscated File

The document accurately describes how a vendor-managed automation agent could be authorized to operate on client GCP and Workspace resources. However, its recommended operational model (client uploads long-lived service account JSON, vendor stores and uses it, optional domain-wide delegation, broad roles) materially increases supply-chain and credential-exposure risk. The protocol itself is not executable malware, but it encourages practices that, if the vendor is malicious or compromised, would enable large-scale unauthorized access and data exfiltration. Stronger controls (ephemeral credentials, workload identity, least-privilege role templates, customer-managed encryption keys, mandatory rotation, and improved audit/attestation) are necessary before entrusting sensitive keys to the vendor.