gws-people
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the gws command-line utility to perform operations on the Google People API, such as managing contact groups and individual profile data.
- [PROMPT_INJECTION]: The skill handles user-controlled contact data (names, notes, profiles), presenting a surface for indirect prompt injection. 1. Ingestion points: Data is retrieved via methods like search, list, and get in SKILL.md. 2. Boundary markers: No specific delimiters or safety warnings regarding untrusted content in contact fields are present in the documentation. 3. Capability inventory: The skill can execute gws CLI commands to interact with Google Workspace. 4. Sanitization: The documentation does not specify sanitization or validation logic for the content of contact fields.
Audit Metadata