Skills
skills/wadewarren/gws-claude-plugin/gws-docs-write/Gen Agent Trust Hub

gws-docs-write

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute the gws command-line utility to interact with the Google Docs API.
  • [EXTERNAL_DOWNLOADS]: The skill specifies a requirement for an external binary named gws which must be present in the system's execution path.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates untrusted data directly into a command-line argument.
  • Ingestion points: The --text parameter accepts arbitrary string input from the agent's context.
  • Boundary markers: No delimiters or protective markers are used to separate the text content from the command structure.
  • Capability inventory: The skill can modify external Google Documents via the gws CLI tool.
  • Sanitization: There is no evidence of input validation, escaping, or sanitization for the content passed to the --text flag.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 04:56 PM