Skills
skills/googleworkspace/cli/gws-alertcenter/Gen Agent Trust Hub

gws-alertcenter

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires and executes the gws command-line utility to perform Google Workspace management tasks.
  • Evidence: Metadata field requires: bins: ["gws"] and various bash command examples throughout SKILL.md.
  • Context: The tool is a vendor-owned resource for 'googleworkspace'.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes alert data from external Google Workspace logs.
  • Ingestion points: alerts.list, alerts.get, and alerts.getMetadata methods in SKILL.md.
  • Boundary markers: No explicit delimiters or boundary markers are defined in the instructions for processing alert content.
  • Capability inventory: The skill has the ability to delete alerts (batchDelete, delete) and update settings (updateSettings).
  • Sanitization: No sanitization logic is visible within the skill definition; the agent relies on its internal safety filters when processing output from the gws tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 10:51 PM