Tmp.R5Dvi8AC44
Review
Audited by ClawScan on May 14, 2026.
Overview
This appears to be a genuine Google Contacts/People integration, but it deserves review because it launches an unpinned npm package as its MCP server, and that server acts with an authenticated Google account and broad contact/directory operations.
Install only if you trust the referenced npm package and gogcli setup. Before use, verify the package source and version, review the Google OAuth scopes, use a least-privilege account, and tell the agent to ask before creating contacts or running raw People API queries.
Findings (3)
This is an artifact-based, informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. A compromised or unexpected npm package version could run code in the user's environment while using the configured Google account context.
The setup executes an unpinned npm package as the MCP server, and the package code is not present in the reviewed artifacts. Because this server is intended to handle Google Contacts/People access, the provenance gap is material.
Evidence: "command": "npx", "args": ["-y", "gogcli-mcp-contacts"]
Recommendation: Pin and review the npm package version before use, verify that it matches the stated source repository, and prefer a locked install or reviewed local checkout for account-access tools.
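The pinning check in that recommendation is mechanical enough to automate. What follows is an added example, not code from the ClawScan review or from gogcli: it audits an MCP configuration for npx-launched servers whose package spec has no exact version, and rewrites one entry to a version the reviewer chose after verification. The package name "gogcli-mcp-contacts" is the one quoted above; the server keys, the other server entries, and the version numbers are constructed for illustration.

```javascript
// Added example, not from the ClawScan review or the gogcli project: audit an MCP
// server config for npx-launched packages without an exact version, and pin one.
// "gogcli-mcp-contacts" is the package quoted in the finding; the server keys,
// the other servers and the version numbers are constructed for illustration.

// Exact semver, optionally with a prerelease/build suffix: "1.4.2", "2.0.0-rc.1".
// Tags ("latest") and ranges ("^1.2.0") do not match and are treated as not pinned.
const EXACT_VERSION = /^\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?(?:\+[0-9A-Za-z.-]+)?$/;

// Split "name@version" into its parts. Scoped packages start with "@", so only an
// "@" after the first character separates the version ("@scope/name@1.2.3").
function parsePackageSpec(spec) {
  const at = spec.indexOf('@', 1);
  if (at === -1) return { name: spec, version: null };
  return { name: spec.slice(0, at), version: spec.slice(at + 1) };
}

// For "npx [flags] <spec> [args]" the package spec is the first non-flag argument.
function packageSpecIndex(args) {
  return args.findIndex((a) => !a.startsWith('-'));
}

// One finding per npx-launched server whose package spec is missing a version
// ("unpinned") or carries a tag or range instead of an exact version ("not-exact").
function auditMcpConfig(config) {
  const findings = [];
  for (const [serverName, server] of Object.entries(config.mcpServers || {})) {
    if (server.command !== 'npx') continue;
    const args = server.args || [];
    const idx = packageSpecIndex(args);
    if (idx === -1) continue;
    const { name, version } = parsePackageSpec(args[idx]);
    if (version === null) {
      findings.push({ server: serverName, package: name, issue: 'unpinned', spec: args[idx] });
    } else if (!EXACT_VERSION.test(version)) {
      findings.push({ server: serverName, package: name, issue: 'not-exact', spec: args[idx] });
    }
  }
  return findings;
}

// Return a copy of the server entry with its package spec pinned to `version`, a
// version the reviewer chose out of band (see the note below). Refuses non-exact input.
function pinServer(server, version) {
  if (!EXACT_VERSION.test(version)) throw new Error(`not an exact version: ${version}`);
  const args = (server.args || []).slice();
  const idx = packageSpecIndex(args);
  if (idx === -1) throw new Error('no package spec in args');
  args[idx] = `${parsePackageSpec(args[idx]).name}@${version}`;
  return { ...server, args };
}

// Constructed MCP config. The first entry mirrors the install spec quoted in the finding.
const SAMPLE_CONFIG = {
  mcpServers: {
    'gogcli-contacts': {
      command: 'npx',
      args: ['-y', 'gogcli-mcp-contacts'],
      env: { GOG_ACCOUNT: 'you@gmail.com' },
    },
    'pinned-scoped': { command: 'npx', args: ['-y', '@example/server@1.4.2'] },
    'floating-tag': { command: 'npx', args: ['-y', 'example-server@latest'] },
    'local-checkout': { command: 'node', args: ['./vendor/server/index.js'] },
  },
};
```

To pick the version, compare the output of `npm view gogcli-mcp-contacts version repository.url` with the source repository the skill claims before calling pinServer. Pinning `name@x.y.z` stops silent upgrades of the top-level package, but `npx` still resolves that package's own dependencies at run time unless the package ships an npm-shrinkwrap.json; a reviewed local checkout installed with `npm ci` from a committed lockfile, as the recommendation says, closes that gap too.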
2. The agent could access personal contacts, Workspace directory information, and potentially change contact data using the selected Google account.
The skill relies on an authenticated Google account and can read Workspace/People data and create or run contact operations. The artifacts do not state OAuth scopes, approval boundaries, or least-privilege limits.
Evidence: "gogcli" installed and authenticated ... "GOG_ACCOUNT": "you@gmail.com" ... "gog_people_search" | Search the Workspace directory ... "gog_contacts_search/list/get/create/run"
Recommendation: Use the least-privileged Google account possible, review gogcli OAuth scopes, and require explicit user confirmation before any contact creation or account-mutating operation.
3. A broad or mistaken request could expose more profile/contact data than intended or perform contact changes without a clearly documented safety checkpoint.
Raw API access and the contact create/run tools are powerful capabilities: the first is an escape hatch around the structured tools, the others mutate data. The instructions define no constraints, confirmation steps, or output minimization for any of them.
Evidence: `gog_people_raw` | Raw People API JSON dump ... Plus 5 auth tools and 5 base Contacts tools (`gog_contacts_search/list/get/create/run`)
Recommendation: Limit raw API use to explicit user requests, minimize returned fields, and require confirmation before create/run or other write-like operations.
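Findings 2 and 3 ask for the same control: a per-tool policy in front of the gog_* tools that checks the granted OAuth scopes, requires confirmation before anything that mutates the account, reserves raw People API access for explicit requests, and trims what comes back. The block below is an added example, not code from the ClawScan review or from gogcli. The tool names are the ones quoted in this review; the three scope URLs are the standard Google People API OAuth scopes, but which scopes gogcli actually requests is not stated in the reviewed artifacts and the tool-to-scope mapping is therefore an assumption; the person record is constructed sample data.

```javascript
// Added example, not from the ClawScan review or the gogcli project: a fail-closed
// policy gate for the gog_* tools named in findings 2 and 3, plus field minimization
// for what they return. Tool names are the ones quoted in this review. The scope URLs
// are the standard Google People API OAuth scopes; which scopes gogcli actually
// requests is not stated in the reviewed artifacts, so the tool-to-scope mapping
// below is an assumption to be checked against the gogcli setup.

const SCOPE_CONTACTS_RW = 'https://www.googleapis.com/auth/contacts';
const SCOPE_CONTACTS_RO = 'https://www.googleapis.com/auth/contacts.readonly';
const SCOPE_DIRECTORY_RO = 'https://www.googleapis.com/auth/directory.readonly';

// kind: read  = allowed when a listed scope was granted, no confirmation needed
//       write = mutates the account; needs the read/write scope and user confirmation
//       raw   = arbitrary endpoint; needs an explicit user request and confirmation
const TOOL_POLICY = {
  gog_contacts_search: { kind: 'read', scopes: [SCOPE_CONTACTS_RO, SCOPE_CONTACTS_RW] },
  gog_contacts_list: { kind: 'read', scopes: [SCOPE_CONTACTS_RO, SCOPE_CONTACTS_RW] },
  gog_contacts_get: { kind: 'read', scopes: [SCOPE_CONTACTS_RO, SCOPE_CONTACTS_RW] },
  gog_people_search: { kind: 'read', scopes: [SCOPE_DIRECTORY_RO] },
  gog_contacts_create: { kind: 'write', scopes: [SCOPE_CONTACTS_RW] },
  // "run" executes an operation the caller names; treat it as a write.
  gog_contacts_run: { kind: 'write', scopes: [SCOPE_CONTACTS_RW] },
  // Which scope a raw call needs depends on the endpoint, so it is gated on intent.
  gog_people_raw: { kind: 'raw', scopes: [] },
};

// ctx: { grantedScopes: string[], userConfirmed: boolean, explicitUserRequest: boolean }
// Returns { allow, reason }. Unknown tools and missing scopes are denied.
function decide(toolName, ctx) {
  const policy = TOOL_POLICY[toolName];
  if (!policy) return { allow: false, reason: `unknown tool ${toolName}` };
  if (policy.kind === 'raw') {
    if (!ctx.explicitUserRequest) return { allow: false, reason: 'raw People API access only on an explicit user request' };
    if (!ctx.userConfirmed) return { allow: false, reason: 'raw People API access needs user confirmation' };
    return { allow: true, reason: 'raw access explicitly requested and confirmed' };
  }
  const granted = new Set(ctx.grantedScopes || []);
  if (!policy.scopes.some((s) => granted.has(s))) {
    return { allow: false, reason: `token lacks a scope for ${toolName}` };
  }
  if (policy.kind === 'write' && !ctx.userConfirmed) {
    return { allow: false, reason: `${toolName} mutates the account; ask the user first` };
  }
  return { allow: true, reason: `${policy.kind} tool within granted scopes` };
}

// Keep resourceName plus the requested top-level fields, and drop each entry's
// metadata (source ids, primary/verified flags) so the agent sees only what it asked for.
function minimizePerson(person, allowedFields) {
  const out = { resourceName: person.resourceName };
  for (const field of allowedFields) {
    if (!Array.isArray(person[field])) continue;
    out[field] = person[field].map(({ metadata, ...rest }) => rest);
  }
  return out;
}

// Constructed sample in the shape of a People API person resource; not real data.
const SAMPLE_PERSON = {
  resourceName: 'people/c1234567890',
  etag: 'constructed-etag',
  names: [{ metadata: { primary: true, source: { type: 'CONTACT', id: '1234567890' } },
            displayName: 'Ada Example', givenName: 'Ada', familyName: 'Example' }],
  emailAddresses: [{ metadata: { primary: true }, value: 'ada@example.com' }],
  phoneNumbers: [{ value: '+1 555 0100', type: 'mobile' }],
  addresses: [{ formattedValue: '1 Example Street' }],
};
```

Run the gate in the agent host or in a wrapper around the MCP server, not in the prompt: an instruction to "ask before creating contacts" is advisory, while a gate on `gog_contacts_create`, `gog_contacts_run` and `gog_people_raw` fails closed. For the read tools, the same field list should also go into the People API `personFields`/`readMask` request parameter so that over-broad data never reaches the agent; `minimizePerson` covers responses whose shape you did not control, such as a raw dump.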
