google-workspace

The Google Workspace Skill is broadly coherent with its stated purpose of controlling Google Workspace services via the gws CLI and outputting JSON for agent pipelines. The main security concerns center on credential handling (plaintext exports, environment-variable usage) and ensuring that only the necessary service scopes are granted. Dependency from npm is common and acceptable if the package is trustworthy and checksums are verified. The tool appears proportionate to its goals, but requires strict credential management, clear rotation policies, and careful logging practices to avoid unintentional data exposure. Overall: BENIGN with notable security caution (suspicious-lite risk due to credential handling).