Google Workspace Automation

Security checks across malware telemetry and agentic risk

Overview

This skill is a local Google Workspace automation planner that reads a user-supplied JSON file and writes a plan, with no evidence of hidden execution, credential use, network access, or persistence.

Install if you are comfortable with a local planning helper that reads a JSON requirements file and writes a generated plan. Use a dedicated project/output directory, do not point input at sensitive files, and avoid output paths where overwriting would matter.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill instructs use of local bundled resources (`scripts/plan_workspace_automation.py` and `references/workspace-guide.md`), which implies file read capability and likely file write/output generation, but it does not explicitly declare any permissions. Undeclared capabilities weaken transparency and policy enforcement, making it easier for a caller to invoke a skill with broader filesystem access than expected and reducing auditability for an automation tool that already handles sensitive Google Workspace workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal