google-docs
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): The skill setup requires users to store Google OAuth credentials at ~/.claude/.google/client_secret.json. This is a sensitive file path handled by the skill for its primary functions.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The installation process involves cloning a repository from an untrusted GitHub source (github.com/robtaylor/google-docs-skill.git) which is not on the verified list of organizations or repositories.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it reads and processes external document content which could contain malicious instructions. -- Ingestion points: scripts/docs_manager.rb read parses external document content. -- Boundary markers: No delimiters or safety instructions are present in the provided examples to prevent the AI from obeying instructions embedded within the docs. -- Capability inventory: High-risk capabilities including file sharing, movement, and content deletion. -- Sanitization: No evidence of input validation or sanitization of ingested content is mentioned.
Audit Metadata