gog
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill initiates the installation of the
gogutility via the Homebrew package manager from thesteipete/tap/gogclirepository. - [COMMAND_EXECUTION]: The skill uses the
gogCLI to perform operations such as sending emails, creating calendar events, and updating spreadsheets. - [DATA_EXFILTRATION]: The skill accesses and processes sensitive user data from Google Workspace services. While this data is handled as part of the tool's primary purpose, users should be aware that the agent will have access to private communications and documents.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it reads untrusted data from external sources (emails, documents, and spreadsheets) and possesses write capabilities.
- Ingestion points: Untrusted data enters the context via
gog gmail search,gog drive search,gog sheets get, andgog docs catcommands. - Boundary markers: No specific delimiters or safety instructions are defined to separate ingested data from agent commands.
- Capability inventory: The skill can perform write actions including
gog gmail send,gog calendar create, andgog sheets update. - Sanitization: There is no evidence of content filtering or validation for the data retrieved from Google services.
Audit Metadata