gmail-access

SUSPICIOUS. The skill’s Gmail-focused behavior is mostly aligned with its stated purpose, and official services like Google OAuth and 1Password are used. But the core trust problem is that all sensitive Gmail and OAuth handling is delegated to a private/local Gmail CLI binary with no publicly verifiable provenance; because that CLI receives credential context and manages cached secrets/tokens, the skill is high security risk under the mandatory unverifiable-binary rules. No confirmed malicious exfiltration is shown, so this is better classified as high-risk/vulnerable rather than confirmed malware.