The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill references the installation of the gogcli tool via Homebrew.
[COMMAND_EXECUTION]: The skill's functionality is based on executing shell commands with the gog CLI. It also includes a command to start a local listener that can bind to all network interfaces (gog gmail watch serve --bind 0.0.0.0).
[DATA_EXFILTRATION]: The skill provides capabilities to read sensitive data, including email content, attachments, and calendar events. It also includes features that could be misused for data redirection, such as enabling auto-forwarding or adding account delegates.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing untrusted data from Google services.
Ingestion points: Email threads and calendar events are read using search and get commands in SKILL.md and references/commands.md.
Boundary markers: No delimiters or protective instructions are used to isolate content from external sources.
Capability inventory: The agent can perform high-impact actions like sending emails, modifying calendar events, and changing account settings.
Sanitization: The skill does not perform validation or escaping of ingested external data.

gogcli