recipe-log-deal-update
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes vendor-specific CLI tools ('gws') and dependencies ('gws-sheets', 'gws-drive') to interact with Google Workspace APIs. All actions—listing files, reading spreadsheet ranges, and appending rows—align with the documented functionality for sales tracking.
- [PROMPT_INJECTION]: Indirect Prompt Injection Risk Assessment:
- Ingestion points: The skill reads external data from a Google Spreadsheet in Step 2 of 'SKILL.md'.
- Boundary markers: No delimiters or explicit instructions to ignore embedded content are present.
- Capability inventory: The skill has the ability to list Drive files, read Sheets, and append data to Sheets using the 'gws' toolset.
- Sanitization: No evidence of data sanitization or validation of the spreadsheet content before processing.
Audit Metadata