google-drive-automation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill references external Python scripts (scripts/auth.py and scripts/drive.py) that are not provided in the source files.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from Google Drive, creating a surface for indirect prompt injection.
  1. Ingestion points: File search results, folder listings, and file downloads via scripts/drive.py (SKILL.md).
  2. Boundary markers: No delimiters or warnings for the agent to ignore embedded instructions are present.
  3. Capability inventory: Local script execution (python) and file system write operations for downloads.
  4. Sanitization: No sanitization or validation of the retrieved Drive content is mentioned or implemented in the instructions.