gws-vault
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
gwscommand-line tool to interact with the Google Vault API. This is the primary intended function of the skill and is used for administrative tasks such as managing matters, permissions, and exports. - [INDIRECT_PROMPT_INJECTION]: The skill processes data retrieved from the Google Vault API, such as names and descriptions of 'matters'. While this creates a surface for potential indirect prompt injection if an attacker can control these resource names, the skill operates within the expected parameters of a Workspace management tool.
Audit Metadata