Skills
skills/googleworkspace/cli/gws-docs-write/Gen Agent Trust Hub

gws-docs-write

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill handles untrusted data through the --text flag which is appended to Google Documents, creating an indirect prompt injection surface where malicious instructions within the text could influence the agent's behavior. \n
  • Ingestion points: --text argument in SKILL.md.\n
  • Boundary markers: None identified in the instruction set.\n
  • Capability inventory: Capability to modify documents via gws docs +write.\n
  • Sanitization: No sanitization or input validation logic is present in the skill definition.\n- [COMMAND_EXECUTION]: The skill invokes the gws CLI tool with parameters derived from user input (--document and --text). If these arguments are not correctly escaped by the platform's shell executor, it could allow for arbitrary command injection on the host system.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 12:25 AM