Skills
skills/udecode/google-forms-mcp/google-forms/Gen Agent Trust Hub

google-forms

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The tool get_form_responses creates a significant indirect prompt injection surface by ingesting untrusted input from external form submitters. Because the agent also possesses write and delete capabilities, a malicious form submission could potentially manipulate the agent into performing unauthorized actions. 1. Ingestion points: get_form_responses (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: delete_form, delete_question, update_form (SKILL.md). 4. Sanitization: None specified.
  • [CREDENTIALS_UNSAFE] (HIGH): The setup instructions require users to store highly sensitive GOOGLE_CLIENT_SECRET and GOOGLE_REFRESH_TOKEN values in a plaintext .mcp.json file. This exposes long-lived credentials to any user or process with read access to the local filesystem.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The bun install command downloads third-party Node.js packages at setup time. These dependencies are not pinned to specific versions or verified via hashes in the instructions, posing a supply chain risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:26 AM