clawlaunch-gog

Fail

Audited by Snyk on Feb 18, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The setup explicitly asks the user to paste the client_secret JSON into chat and then instructs running commands that embed that JSON verbatim (e.g., echo '' | gog auth credentials -), which requires the agent/LLM to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). The skill explicitly instructs users to paste OAuth client_secret JSON and redirect URLs into chat and to complete a headless auth flow so the agent can obtain long-lived tokens and access Google Workspace data, which constitutes credential theft and enables data exfiltration and persistent access.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly reads arbitrary user-generated content from Google services (e.g., commands like "gog gmail search"/"gog gmail thread get", "gog drive download", "gog docs cat", and "gog sheets get"), so the agent will ingest untrusted third‑party content (emails, shared files, docs, sheets) that could contain indirect prompt-injection instructions.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 01:48 PM