gog
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the gog command-line tool via Homebrew using the steipete/tap/gogcli formula.
- [COMMAND_EXECUTION]: Executes the gog CLI to interact with various Google Workspace services, including Gmail, Calendar, Drive, Contacts, Sheets, and Docs.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing external data at runtime.
  - Ingestion points: Retrieves content from Gmail messages, Drive files, Sheets cells, and Google Docs using commands like gog gmail search, gog docs cat, and gog sheets get (SKILL.md).
  - Boundary markers: The instructions do not define boundary markers or delimiters to separate ingested content from system instructions.
  - Capability inventory: The skill provides powerful capabilities that could be abused if an injection is successful, such as sending emails (gog gmail send), modifying spreadsheets (gog sheets update), and creating calendar events (gog calendar create).
  - Sanitization: There is no evidence of sanitization or validation of the data retrieved from Google Workspace APIs before it is passed to the agent's context.
Audit Metadata