gws-gmail
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were identified. The skill correctly defines its scope for managing Gmail via the vendor-provided 'gws' CLI.
- [COMMAND_EXECUTION]: The skill utilizes the 'gws' binary to interact with the Gmail API, which is the expected and documented behavior for this toolset.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection as it processes email content. 1. Ingestion points: email content retrieved via message read and triage commands. 2. Boundary markers: not specified in this routing skill. 3. Capability inventory: include sending, replying, and forwarding emails. 4. Sanitization: no explicit sanitization is described in this interface definition. This is an inherent property of email management and no specific exploitation patterns were found.
Audit Metadata