Back to skill
Skillv1.0.0
VirusTotal security
google-workspace-cli · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:53 AM
- Hash
- cf7911524aaca4109bfaa915656bb9d62fcefe8a02a1dc67045c7887b58f6386
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: cs-google-workspace-cli Version: 1.0.0 The skill bundle provides a comprehensive interface for Google Workspace administration, but it contains several high-risk indicators. Most notably, SKILL.md instructs the agent to install a global npm package '@anthropic/gws', which is highly suspicious as Anthropic is an AI company and not the provider of official Google Workspace tools, suggesting a potential supply chain or brandjacking attack. Additionally, gws_recipe_runner.py executes commands using 'shell=True' in subprocess.run, creating a shell injection vulnerability. While the provided Python scripts do not contain explicit data exfiltration logic, the reliance on unverified external dependencies and the use of insecure execution patterns warrant a suspicious classification.
- External report
- View on VirusTotal