The Agent Skills Directory

[COMMAND_EXECUTION]: The skill requires and executes the 'gws' binary, which is a vendor-owned resource for Google Workspace. This utility is used to interact with API resources like subscriptions, tasks, and operations.- [EXTERNAL_DOWNLOADS]: The skill references official Google developer documentation and API guides at 'developers.google.com'. These references target a well-known and trusted service.- [PROMPT_INJECTION]: The skill exposes ingestion points for external data through methods such as 'message.stream' and 'tasks.subscribe'. These streaming interfaces are designed to receive event data from Google Workspace. While this creates a surface for indirect prompt injection, it is the intended functionality of the skill and no vulnerabilities were found in the skill's structure. Evidence: Ingestion points found in SKILL.md (message.stream, tasks.subscribe); Capabilities include gws CLI execution; no specific boundary markers or sanitization logic is defined in the static markdown.

gws-events