gws-install
Fail
Audited by Snyk on Mar 13, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user to paste their client_secret.json (or otherwise handle raw client secrets), which requires the LLM to receive and potentially output secret values verbatim.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill instructs runtime installation of and fetching from the npm package "@googleworkspace/cli" (via "npm install -g @googleworkspace/cli" and "npx skills add googleworkspace/cli -g --agent claude-code --all", e.g. https://www.npmjs.com/package/@googleworkspace/cli), which downloads and executes remote code and installs agent skills that directly control the agent's prompts/instructions.
Issues (2)
W007
HIGH: Insecure credential handling detected in skill instructions.
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata