ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ez-google

v1.0.2

Use when asked to send email, check inbox, read emails, check calendar, schedule meetings, create events, search Google Drive, create Google Docs, read or write spreadsheets, find contacts, or any task involving Gmail, Google Calendar, Drive, Docs, Sheets, Slides, or Contacts. Agent-friendly with hosted OAuth - no API keys needed.

0· 2.6k·3 current·3 all-time
by@araa47
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description match the included scripts: the code implements Gmail, Calendar, Drive, Docs, Sheets, Slides, People, and Chat operations. The OAuth flow (hosted or local) is needed for these APIs, so requiring credentials is expected. The only notable divergence is the use of a hosted OAuth worker (ezagentauth.com) instead of guiding users to create/use their own OAuth client; that is a design choice rather than outright incoherence.
!
Instruction Scope
Runtime instructions ask the user to 'click a link and paste back a token' from a hosted OAuth service. The scripts then save that token (including refresh_token, client_id, client_secret) to ~/.simple-google-workspace/token.json and use it to call Google APIs with broad scopes (gmail.modify, drive, docs, spreadsheets, chat.messages, contacts.readonly, etc.). The instruction set does not request unrelated system files, but it explicitly directs credentials from an external service into a local token file — a high-risk data flow because the external service could capture or mint credentials.
Install Mechanism
There is no automatic install/download step or external archive; the skill is instruction + local Python scripts. Dependencies are declared in script headers only; nothing is fetched from an untrusted URL by the installer. This minimizes install-time risk.
!
Credentials
The skill declares no required environment variables but offers a hosted OAuth worker that yields a token JSON containing token, refresh_token, client_id, and client_secret — and the SCOPES list requests wide permissions (read/write/send email, modify Drive/Docs/Sheets, send Chat messages, etc.). Requesting and storing a full OAuth client secret and refresh token is proportionate to multi-service access, but centralizing credential issuance through an external host is excessive for many users and creates a single point that can exfiltrate or misuse credentials.
Persistence & Privilege
The skill stores credentials in ~/.simple-google-workspace/token.json and flow state in the same directory. It does not request platform-wide privileges or set always:true. Storing tokens locally is expected for OAuth CLI tools; there is no evidence the skill modifies other skills or system settings.
What to consider before installing
This package implements a legitimate-appearing Google Workspace CLI, but its default auth flow uses a hosted OAuth worker (https://ezagentauth.com). That service will be involved in issuing or relaying the OAuth token you paste into auth.py save — and the saved token contains refresh tokens and client_secret values granting broad access (Gmail modify, Drive, Docs, Sheets, Chat messages, Contacts, etc.). Before installing or using: - Do not use your primary or high‑privilege Google account with this flow. Prefer a throwaway or limited-scope account for testing. - Prefer the local OAuth path (uv run auth.py login --local) by creating your own OAuth client (set CLIENT_SECRETS_FILE or GOOGLE_CLIENT_ID/GOOGLE_CLIENT_SECRET) so the token is issued directly by Google to your app and the third party does not mediate credentials. - Inspect any token string you paste (auth.save expects a base64 JSON) before saving; it should only contain fields you expect. Be skeptical if the hosted service asks you to paste credentials from other sites. - If you must use the hosted OAuth worker, verify the operator (ezagentauth.com): hosting, privacy policy, source, and whether the worker stores or can reuse client secrets/refresh tokens. - Consider restricting scopes using a custom OAuth client (so you only grant necessary scopes) and periodically revoking saved refresh tokens in your Google account security settings. Given the external token broker and very broad scopes, treat this skill as risky unless you control the OAuth client or fully trust the hosted worker.

Like a lobster shell, security has layers — review code before you run it.

latestvk97496s8f86kywnrfwcdhk667s80ex8v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📧 Clawdis

Comments