Skills
skills/prashaantr/teach-claude-something-new/composio-drive/Gen Agent Trust Hub

composio-drive

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses curl to interact with the Composio API and jq to parse JSON results across all actions.
  • [EXTERNAL_DOWNLOADS]: Communicates with https://backend.composio.dev to execute requested Google Drive actions.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection when the agent processes data from external files. 1. Ingestion points: GOOGLEDRIVE_DOWNLOAD_FILE and GOOGLEDRIVE_LIST_FILES in references/actions.md ingest file content and metadata into the agent context. 2. Boundary markers: Absent; untrusted content is not isolated using delimiters or protective instructions. 3. Capability inventory: The skill provides broad capabilities including GOOGLEDRIVE_DELETE_FILE, GOOGLEDRIVE_SHARE_FILE, and GOOGLEDRIVE_UPLOAD_FILE. 4. Sanitization: Absent; the skill does not perform content validation or filtering on retrieved data.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 07:49 AM