google-drive-automation

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches tool definitions and configuration from the vendor's MCP server at https://rube.app/mcp.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted external data.
      • Ingestion points: The agent processes file names, metadata, and contents retrieved from Google Drive via tools such as GOOGLEDRIVE_FIND_FILE and GOOGLEDRIVE_DOWNLOAD_FILE.
      • Boundary markers: The instructions lack explicit delimiters or guidance for the agent to distinguish between its own instructions and content found within processed files.
      • Capability inventory: The skill has the ability to share files (GOOGLEDRIVE_ADD_FILE_SHARING_PREFERENCE), delete permissions (GOOGLEDRIVE_DELETE_PERMISSION), and move files, which could be exploited if malicious instructions in a file are followed.
      • Sanitization: There is no evidence of sanitization or validation of the data retrieved from Google Drive before it is integrated into the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 11:23 PM