Aj Gog
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Google Workspace CLI helper, but it requires trusting an external tool with broad Google account access.
Install only if you trust the gog CLI and its Homebrew source. Use the least-privileged Google account practical, review OAuth scopes during consent, and explicitly approve any command that sends email, creates calendar items, changes Sheets, copies or exports Docs, or touches shared Drive content.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.