gogcli
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local binary named `gog` and a credential management tool `secrets` to perform its operations. These commands are used to manage authentication and interact with Google Workspace APIs.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the way it processes external data.
  - Ingestion points: The agent can read untrusted content from email bodies (`gog gmail messages search --include-body`), Google Docs (`gog docs cat`), and Google Sheets (`gog sheets get`).
  - Boundary markers: There are no boundary markers or specific instructions defined in the skill to prevent the agent from obeying instructions embedded within the retrieved Google Workspace data.
  - Capability inventory: The skill provides powerful capabilities including sending emails (`gog gmail send`), uploading files to Drive (`gog drive upload`), and modifying calendar events or tasks.
  - Sanitization: No evidence of data sanitization or validation is present in the skill definition to filter malicious instructions from ingested content.
Audit Metadata