Google Chat
Pass
Audited by ClawScan on May 10, 2026.
Overview
This skill does what it says—send Google Chat messages—but users should be aware it can post to chats and store reusable OAuth tokens.
This skill appears purpose-aligned and not malicious. Before using it, make sure webhook URLs and OAuth token files are protected, confirm the destination and message before sending, and consider using a dedicated Google account or app with only the access needed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the wrong message or destination, the agent could post unwanted information to a Google Chat space or another supplied webhook endpoint.
The helper sends a user-supplied message to a user-supplied webhook URL. This is the intended function, but it is still an outbound posting capability.
webhook_url = sys.argv[1]
message = sys.argv[2]
...
req = urllib.request.Request(url, data=data, headers=headers)
...
urllib.request.urlopen(req)
Use only trusted Google Chat webhook URLs and verify the message content and destination before sending.
The saved token can let the skill continue sending messages and listing accessible Chat spaces/memberships until the token is removed or access is revoked.
The OAuth flow requests permission to send messages, access spaces, read memberships, and stores the resulting token for later reuse.
SCOPES = ['https://www.googleapis.com/auth/chat.messages', 'https://www.googleapis.com/auth/chat.spaces', 'https://www.googleapis.com/auth/chat.memberships.readonly']
...
with open(token_path, 'w') as token:
    token.write(creds.to_json())
Store the token file securely, use the least-privileged Google account appropriate for the task, and revoke/delete the token when no longer needed.
Future package changes or a compromised local Python environment could affect the behavior of the helper scripts.
The setup instructions install external Python packages without version pins. This is expected for a Google API integration but leaves dependency provenance and versions to the user environment.
pip install google-auth-oauthlib google-auth-httplib2 google-api-python-client
Install dependencies in a virtual environment and consider pinning known-good versions if using this in production.
