Skills
skills/wadewarren/gws-claude-plugin/gws-gmail-forward/Gen Agent Trust Hub

gws-gmail-forward

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the gws binary to perform email forwarding operations. This behavior is the primary purpose of the skill and aligns with the provided documentation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes external data from email messages and user-provided body text.
  • Ingestion points: The content of the Gmail message identified by --message-id and the text provided via the --body flag.
  • Boundary markers: No delimiters or boundary markers are defined to isolate untrusted content from the agent's instructions.
  • Capability inventory: The skill has the capability to send and forward emails to arbitrary recipients via the gws CLI.
  • Sanitization: There is no evidence of sanitization or filtering of the forwarded message content or the optional note body.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 04:56 PM