Google Suite Skill
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill does what it says, but it grants broad Google account access and can send or delete emails, calendar events, and Drive files without clear confirmation or least-privilege limits.
Review this skill carefully before authenticating it with Google. Only use it if you are comfortable granting broad Gmail, Calendar, and Drive permissions, and avoid allowing autonomous use for delete, send, update, upload, or download actions unless the skill adds explicit confirmations and narrower OAuth scopes.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or autonomous call could send email or delete Google account data without an explicit final confirmation in the skill.
The code directly performs a destructive Gmail delete action. Similar direct delete/update/send operations exist for Calendar and Drive, and the artifacts do not show confirmation or recovery controls before these high-impact account mutations.
gmail.users().messages().delete(userId="me", id=msg_id).execute()
Add explicit user confirmation for send, update, upload, download overwrite, and delete actions; prefer reversible trash operations where available; and document the exact impact of each destructive action.
Installing and authenticating this skill can give it wide authority over a user's Google mailbox, calendar, and Drive files.
These OAuth scopes allow broad modification of Gmail, full Calendar access, and full Drive access. That authority is high-impact and broader than many workflows need, and the registry metadata declares no primary credential or required environment variables.
- https://www.googleapis.com/auth/gmail.modify
- https://www.googleapis.com/auth/calendar
- https://www.googleapis.com/auth/drive
Use least-privilege scopes where possible, such as narrower Drive or Calendar scopes; split read-only and write/delete capabilities; and declare the OAuth credential and environment variables in metadata.
Users may believe their Google tokens are protected more strongly than the artifacts demonstrate.
The documentation claims secure token storage, while the code writes OAuth credentials to a local JSON file with no encryption or file-permission hardening shown. This may overstate the protection users receive.
- OAuth2 tokens are stored securely and never logged.
Clarify that tokens are stored as a local JSON file, restrict file permissions, consider OS keychain storage, and document how users can revoke or delete tokens.
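One way to apply the file-permission part of that recommendation, as an added example that is not the skill's own code (the token path and the token contents are constructed placeholders): the file is created owner-only before any data lands in it, written atomically, and refused on load if it has since become readable by other users.

```python
import json
import os
import stat
import tempfile

# Hypothetical path; the audit does not show where the skill keeps its token file.
TOKEN_PATH = os.path.join(os.path.expanduser("~"), ".google_skill_token.json")


def save_token(creds: dict, path: str = TOKEN_PATH) -> str:
    """Write OAuth credentials as JSON readable only by the current user.

    mkstemp creates the file with mode 0600 before any bytes are written, so
    there is no window in which the token is world-readable, and os.replace
    makes the write atomic so a crash cannot leave a half-written file.
    """
    dir_name = os.path.dirname(path) or "."
    fd, tmp = tempfile.mkstemp(prefix=".token-", dir=dir_name)
    try:
        with os.fdopen(fd, "w") as f:
            json.dump(creds, f)
        os.chmod(tmp, stat.S_IRUSR | stat.S_IWUSR)  # explicit 0600 regardless of umask
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise
    return path


def token_permissions_ok(path: str) -> bool:
    """True if the token file is a regular file with no group/other permission bits."""
    st = os.stat(path)
    return stat.S_ISREG(st.st_mode) and (st.st_mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def load_token(path: str = TOKEN_PATH) -> dict:
    """Refuse a token file that has been left readable by other users."""
    if not token_permissions_ok(path):
        raise PermissionError(f"{path} is readable by other users; refusing to load token")
    with open(path) as f:
        return json.load(f)


def demo() -> dict:
    """Round-trip a constructed (fake) token, then show the check firing after a loosened mode."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "token.json")
        save_token({"token": "constructed-fake-token", "scopes": ["https://www.googleapis.com/auth/drive"]}, path)
        result = {"ok_before": token_permissions_ok(path), "loaded": load_token(path)["token"]}
        os.chmod(path, 0o644)  # simulate a token file that became world-readable
        result["ok_after"] = token_permissions_ok(path)
        try:
            load_token(path)
            result["rejected"] = False
        except PermissionError:
            result["rejected"] = True
        return result
```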
Future dependency versions could behave differently from the reviewed version.
The dependencies are expected for this Google API integration, but they are not pinned to exact versions, so installs may change over time.
google-api-python-client>=2.0.0
google-auth-httplib2>=0.1.0
google-auth-oauthlib>=0.4.0
Pin dependency versions or provide a lockfile for reproducible installation.
