gccli
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install a global Node.js package `@mariozechner/gccli`. This package is maintained by an external individual developer and is not associated with a trusted organization or the skill author 'winsorllc'.
- [COMMAND_EXECUTION]: The skill functions by executing `gccli` commands via the system shell to list calendars, manage events, and configure authentication.
- [CREDENTIALS_UNSAFE]: The skill manages and stores sensitive OAuth credentials and authentication tokens in local files at `~/.gccli/credentials.json` and `~/.gccli/accounts.json`. These files represent a target for data exposure as they contain live access tokens for the user's Google account.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it reads and processes external data from Google Calendar events which could contain adversarial instructions.
  * Ingestion points: Event listings and details retrieved via `gccli <email> events` and `gccli <email> event`.
  * Boundary markers: Absent.
  * Capability inventory: Filesystem access for token storage and `gccli` command execution for calendar modifications.
  * Sanitization: Absent.
Audit Metadata