Skills
skills/googleworkspace/cli/recipe-draft-email-from-doc/Gen Agent Trust Hub

recipe-draft-email-from-doc

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes gws CLI commands to retrieve document data and send emails. This tool is a vendor-specific resource for the Google Workspace author.
  • [DATA_EXFILTRATION]: The skill implements a data flow where information is read from Google Docs and transmitted via Gmail. This behavior matches the primary stated purpose of the skill and occurs within the vendor's ecosystem.
  • [PROMPT_INJECTION]: The skill is structurally vulnerable to indirect prompt injection because it processes untrusted data from external documents.
  • Ingestion points: Google Doc content is retrieved in Step 1 of the instructions.
  • Boundary markers: Absent. The content is interpolated directly into the email body without delimiters.
  • Capability inventory: The skill possesses the capability to send outgoing network communications via the Gmail tool.
  • Sanitization: No sanitization or safety instructions are included to prevent the agent from obeying instructions embedded within the document content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 02:24 AM