google-drive-upload
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill's behavior matches its documentation and intended use-case.
- [DATA_EXFILTRATION]: The skill transmits file data to an external Google Apps Script URL. This is the primary function of the skill and relies on a user-provided API key and URL stored in a local configuration file (
~/.cowork-gdrive-config.json). - [COMMAND_EXECUTION]: The skill uses standard system utilities such as
cat,base64,file, andcurlto process files and interact with the remote API. These commands are used transparently within the documented workflow.
Audit Metadata