google-workspace

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the @presto-ai/google-workspace-mcp package from the npm registry. This is a third-party dependency not managed by a vendor on the trusted list.
  • [COMMAND_EXECUTION]: The skill executes shell commands to install the MCP server globally (npm install -g) and configure the mcporter tool.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection. It reads untrusted data from external sources and possesses extensive capabilities to modify data and communicate externally.
      • Ingestion points: Tools such as gmail.get, docs.getText, and sheets.getText (defined in SKILL.md) ingest content from external accounts.
      • Boundary markers: Documentation does not specify the use of delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill has significant capabilities including gmail.send, calendar.createEvent, chat.sendMessage, and drive.downloadFile (defined in SKILL.md).
      • Sanitization: There is no evidence of sanitization or validation of the ingested content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 05:13 AM