google-drive
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes the `keyring` library to store OAuth tokens in the system's secure credential store rather than in plain text configuration files.
- [SAFE]: Implements a structured permission model that classifies commands into read and write categories, explicitly instructing the agent to seek user confirmation for any actions that create, modify, or delete data.
- [SAFE]: Uses official Google API client libraries and standard Python argument parsing to ensure secure communication and safe handling of command-line inputs.
- [PROMPT_INJECTION]: The skill allows the agent to ingest external data from Google Drive, creating a surface for indirect prompt injection.
  - Ingestion points: Untrusted data enters the agent's context through file names, folder names, and metadata retrieved via the `files` and `folders` commands in `scripts/google-drive.py`.
  - Boundary markers: The skill documentation does not provide specific delimiters or 'ignore' instructions for the model when processing retrieved file data.
  - Capability inventory: The skill provides the agent with multiple write capabilities, including `files upload`, `files move`, `files delete`, and the `share` command in `scripts/google-drive.py`.
  - Sanitization: While shell inputs are sanitized via the `argparse` library, the skill does not perform semantic filtering of the file metadata returned by the Google Drive API.
Audit Metadata