Skills
skills/googleworkspace/cli/gws-gmail-reply/Gen Agent Trust Hub

gws-gmail-reply

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill handles untrusted data from Gmail messages, which could contain malicious instructions designed to influence agent behavior.
  • Ingestion points: The skill reads Gmail message IDs and associated thread content to generate replies (SKILL.md).
  • Boundary markers: No explicit boundary markers or instructions to disregard instructions within the email body are specified in the skill file.
  • Capability inventory: The skill interacts with the Gmail service via the gws binary, allowing it to send replies and add recipients (SKILL.md).
  • Sanitization: The skill definition does not describe any specific sanitization or filtering of the external email content before processing.
  • [COMMAND_EXECUTION]: The skill executes the gws binary to interface with Google Workspace services. As the binary is a resource provided by the vendor (googleworkspace), this is part of the intended functionality of the skill set.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 05:56 PM