gogcli
Warn
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The instructions direct the user to install the `gogcli` binary from a personal GitHub repository (github.com/steipete/gogcli) via Homebrew, AUR, or by building from source. This source is not associated with a known trusted organization or established service provider.
- [COMMAND_EXECUTION]: The skill's core functionality relies on executing the `gog` binary to perform sensitive operations across multiple Google Workspace services, including Gmail, Drive, and Admin SDK.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its integration with external data sources.
  - Ingestion points: The skill retrieves data from Gmail messages (`gog gmail get`), Google Drive files (`gog drive download`), Google Docs (`gog docs cat`), and Google Sheets (`gog sheets get`).
  - Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded instructions when processing retrieved content.
  - Capability inventory: The agent has high-privilege capabilities including sending emails (`gog gmail send`), deleting files (`gog drive delete`), and managing Workspace users (`gog admin users suspend`).
  - Sanitization: There is no requirement or guidance for the agent to sanitize or validate the content retrieved from external sources before processing it.
Audit Metadata