Google Search Console CLI

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Google Search Console helper skill, but users should be careful with credentials and write-capable site or sitemap commands.

Install only if you need automated Google Search Console access. Prefer a dedicated least-privilege service account limited to the intended properties, avoid broad gcloud ADC credentials when possible, and require an explicit target-by-target confirmation before adding/removing sites or submitting/deleting sitemaps.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger list includes broad generic phrases like "sitemap," "CTR," and "impressions," which can match many ordinary SEO discussions and cause the skill to activate when the user did not explicitly request Search Console access. In an agent context, over-broad invocation increases the chance of unnecessary access to Google Search Console data and unintended execution of privileged workflows.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill documents destructive commands such as `site-remove` and `sitemap-delete` without requiring a confirmation step, dry run, or explicit warning that these actions modify external state. In an agent setting, this creates a real risk of accidental or prompt-induced destructive operations against production Search Console properties.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal