gdcli
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the third-party Node.js package
@mariozechner/gdclifrom the NPM registry.\n- [COMMAND_EXECUTION]: The skill functions by executing shell commands using thegdclitool to interact with the Google Drive API.\n- [DATA_EXFILTRATION]: The skill accesses sensitive local file paths, including~/.gdcli/credentials.jsonand~/.gdcli/accounts.json, which are used to store OAuth client credentials and user access tokens.\n- [PROMPT_INJECTION]: The skill processes untrusted external data from Google Drive, creating an indirect prompt injection surface.\n - Ingestion points: Content and metadata from Google Drive files accessed via
searchanddownloadcommands.\n - Boundary markers: No specific delimiters or instructions are used to prevent the agent from obeying instructions embedded within the files.\n
- Capability inventory: The skill possesses capabilities to list, search, download, upload, create directories, and share files publicly.\n
- Sanitization: There is no evidence of content sanitization or verification performed on the data retrieved from Google Drive before it is processed by the agent.
Audit Metadata