gog
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents instructions for the agent to execute a third-party CLI tool named 'gog' to interact with sensitive user data across Google Workspace services.
- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection via external data ingestion. 1. Ingestion points: Data enters the context from Gmail, Google Drive, Sheets, and Docs via search and retrieval commands (e.g., 'gog gmail search', 'gog docs cat'). 2. Boundary markers: The documentation does not provide delimiters or instructions for the agent to ignore commands found within retrieved data. 3. Capability inventory: The agent has the ability to send emails, manage calendar events, and update spreadsheet data, which could be abused if an injection is successful. 4. Sanitization: There is no mention of sanitizing or validating the content retrieved from external sources.
- [NO_CODE]: The skill contains only markdown documentation and does not include any scripts or executable code files.
Audit Metadata