recipe-search-and-export-emails
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
gwsCLI tool (a vendor-provided resource for Google Workspace) to perform Gmail operations such as listing and retrieving messages. - [DATA_EXFILTRATION]: Accesses sensitive Gmail content for searching and local export to
project-emails.json. This data access is the primary functionality of the skill and does not involve exfiltration to external or untrusted domains. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by retrieving and processing external content from Gmail messages.
- Ingestion points: Message content retrieved via
gws gmail users messages getinSKILL.md. - Boundary markers: None identified in the provided instructions.
- Capability inventory: Access to Gmail message list and content via the
gwstool. - Sanitization: No sanitization or content validation is specified in the search and export workflow.
Audit Metadata