gog

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the gog binary from a third-party Homebrew tap: steipete/tap/gogcli. This source is not associated with the vendor or the list of pre-approved trusted organizations.
  • [COMMAND_EXECUTION]: The skill executes various gog CLI commands through subprocesses to interact with Google services. This allows for arbitrary command execution within the context of the gog tool.
  • [DATA_EXFILTRATION]: The skill can read sensitive information from Gmail, Drive, and Sheets. It also has the ability to send emails and export document content to local files, providing multiple paths for data exposure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted external data:
      • Ingestion points: Fetches data from external sources including Gmail messages, Google Drive file names/content, and Google Sheets cells.
      • Boundary markers: No delimiters or instructions are provided to distinguish between system instructions and data retrieved from external sources.
      • Capability inventory: The skill can perform sensitive actions such as sending emails (gog gmail send), creating calendar events (gog calendar create), and updating spreadsheets (gog sheets update).
      • Sanitization: There is no evidence of sanitization or validation of the data retrieved from Google Workspace before it is processed by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 9, 2026, 09:12 PM