gws-tasks
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'gws' command-line utility to interact with the Google Tasks API. This is the intended and documented functionality of the skill for performing task management operations.
- [PROMPT_INJECTION]: The skill handles task data (titles and notes) which could theoretically contain indirect prompt injection content.
- Ingestion points: Task list metadata and task content retrieved via the 'list' and 'get' methods.
- Boundary markers: None explicitly defined in the CLI command structures.
- Capability inventory: Limited to task management via the 'gws' binary; no direct shell access or arbitrary code execution capabilities are exposed to the processed data.
- Sanitization: Not applicable as the skill merely passes parameters to a structured CLI tool.
Audit Metadata