gws-events-subscribe
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'gws' command-line tool, which is a vendor-owned resource from the 'googleworkspace' author for managing Workspace services. Commands like 'gws events +subscribe' are documented with standard parameters for Google Cloud Platform and Workspace resources.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external sources (Workspace events) through the 'gws' command. While no boundary markers or sanitization methods are explicitly defined in the documentation, this data processing is the primary intended function of the skill. Ingestion points: 'gws events +subscribe' output (SKILL.md). Boundary markers: Absent. Capability inventory: 'gws' CLI execution (SKILL.md). Sanitization: Absent.
- [SAFE]: All referenced infrastructure components, such as GCP projects, Pub/Sub subscriptions, and API endpoints (e.g., '//chat.googleapis.com/'), are standard for Google Workspace integrations. The skill includes a mandatory caution note instructing the agent to confirm with the user before executing write operations.
Audit Metadata