google-docs-skill
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill allows the agent to ingest content from Google Docs and local files, which could contain instructions intended to influence agent behavior.\n
- Ingestion points:
read,from-markdown, and file-basedcreate/updatecommands.\n - Boundary markers: None are defined to separate document content from agent instructions.\n
- Capability inventory: The skill can export files to the local system, share documents with third parties, and upload images with public access.\n
- Sanitization: Ingested text is not sanitized or escaped.\n- [DATA_EXPOSURE]: The script accesses authentication tokens and searches for credentials in other related skill directories to facilitate setup.\n- [EXTERNAL_DOWNLOADS]: Uses official Google API libraries to interact with Google services.
Audit Metadata