Skills
NYC
skills/sanjay3290/postgres-skill/google-docs/Gen Agent Trust Hub

google-docs

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection through document content ingestion. \n
  • Ingestion points: The get-text command in scripts/docs.py retrieves content from Google Docs based on document IDs or URLs provided to the agent. \n
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill's documentation or operational instructions. \n
  • Capability inventory: The skill allows the agent to create new documents, search through document titles, and modify existing content via append-text, insert-text, and replace-text. \n
  • Sanitization: There is no indication that the skill performs any sanitization or filtering of the document text before it is returned to the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 05:21 PM