wb-drive
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'gws' CLI tool to interact with Google Workspace APIs. It performs operations such as listing files, downloading content, uploading files, and deleting resources within a specific shared drive.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. An attacker could place malicious instructions in a Google Doc that the agent reads, potentially triggering unintended actions like file deletion.
- Ingestion points: Document content is ingested via 'gws drive files export' and 'gws docs documents get' as described in SKILL.md.
- Boundary markers: No boundary markers or instructions to ignore embedded commands are used to separate document content from agent instructions.
- Capability inventory: The skill can create, delete, and modify files and documents on the drive, as seen in the create and delete operations in SKILL.md.
- Sanitization: No sanitization or filtering is performed on content retrieved from external files before processing.
Audit Metadata