Tmp.DFFmMCXLOH
Warn
Audited by ClawScan on May 14, 2026.
Overview
This skill is clearly meant for Google Workspace, but it exposes broad authenticated Google account actions through an unpinned external MCP package, including sending mail, deleting or sharing files, and raw “run” tools.
Install only if you trust the gogcli-mcp npm package and are comfortable giving an agent broad access to the selected Google account. Pin and inspect the package where possible, set an explicit Google account, use least-privileged OAuth scopes, and require confirmation before sending email, deleting data, sharing files, or using any run-style tool.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could send messages, alter or delete Workspace data, or share files from the connected Google account.
The skill exposes high-impact mutation and publication actions, including sending email, deleting calendar events, deleting or sharing Drive files, and raw-style run tools, without documented approval or scope limits.
| **Gmail** (4) | search, get, send, run | ... | **Calendar** (7) | events, get, create, update, delete, respond, run | ... | **Drive** (9) | ls, search, get, mkdir, rename, move, delete, share, run |
Use only with explicit user confirmation for send, delete, share, update, and run actions; prefer a limited test account or least-privileged Google authorization where possible.
A connected personal or work Google account could be used broadly across Gmail, Drive, Calendar, Docs, Sheets, Tasks, Contacts, and Auth-related functions.
The skill relies on existing authenticated Google account state and allows account selection or override, but the artifact does not bound which account, scopes, or services may be used.
- [gogcli](https://github.com/steipete/gogcli) installed and authenticated ... `GOG_ACCOUNT` is optional — omit it to use gogcli's configured default account. ... All tools accept an optional `account` parameter to override the default Google account for that call.
Set an explicit GOG_ACCOUNT, review gogcli’s granted OAuth scopes, remove unused configured accounts, and avoid connecting highly privileged business accounts unless necessary.
The code that would run locally and access Google account data may differ from what was reviewed, especially if the npm package changes later.
The setup runs an external npm package without a pinned version. Because the submitted artifact is instruction-only, the actual MCP server code is not present for review.
"command": "npx", "args": ["-y", "gogcli-mcp"]
Pin the npm package version, verify the package source, and inspect the MCP server code before granting it authenticated Google Workspace access.
Private Google Workspace content may be processed by the agent, and malicious instructions inside emails or documents could influence later agent behavior if treated as instructions.
Reading emails, documents, spreadsheets, and Drive files is expected for this integration, but it can place private or untrusted Workspace content into the agent context.
provides Claude with access to Google Sheets, Docs, Gmail, Calendar, Drive, Tasks, Contacts, and Auth
Limit retrieval to specific files or messages, treat retrieved content as data rather than instructions, and avoid using this skill on sensitive mail or documents unless needed.
