Google Workspace (No Cloud Console)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill is meant for Google Workspace, but it relies on an unreviewed third-party npm MCP package with persistent OAuth access and broad ability to read and change your Google account.

Review this before installing. If you proceed, trust-check the npm package, inspect the OAuth scopes during sign-in, avoid using a highly privileged Google account, and require explicit confirmation before any email, chat, document, or calendar write/delete action.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
High
What this means

Installing or invoking the skill may execute third-party code that can request and use access to your Google account.

Why it was flagged

The reviewed artifact is instruction-only, but it installs/runs an unpinned external npm package that would handle Google OAuth and Workspace operations. The package code and provenance are not present in the artifacts.

Skill content

npm install -g @presto-ai/google-workspace-mcp ... mcporter config add google-workspace --command "npx" --arg "-y" --arg "@presto-ai/google-workspace-mcp" --scope home

Recommendation

Install only if you trust the @presto-ai package and its publisher; prefer a pinned version, review the package source, and verify the OAuth consent screen and scopes before signing in.

ASI02: Tool Misuse and Exploitation
High
What this means

A mistaken or over-permissive agent action could send messages, alter documents, modify email state, or change calendar data.

Why it was flagged

The skill exposes many high-impact Google Workspace mutation and posting tools, but the instructions do not specify approval gates, read-only defaults, or limits for sending/deleting/modifying account data.

Skill content

**Available Tools (49 total)** ... calendar.createEvent, calendar.updateEvent, calendar.deleteEvent ... gmail.send, gmail.sendDraft, gmail.modify ... chat.sendMessage, chat.sendDm ... docs.insertText, docs.appendText, docs.replaceText

Recommendation

Require explicit user confirmation before send, delete, update, or share-like actions; consider disabling mutating tools or using a limited Google account.

ASI03: Identity and Privilege Abuse
Medium
What this means

The skill may retain access to Gmail, Drive, Calendar, Docs, Sheets, and related Google services until credentials are cleared or access is revoked.

Why it was flagged

OAuth sign-in is expected for Google Workspace access, but it creates persistent local credentials for a high-value account and the artifact does not state the exact OAuth scopes.

Skill content

On first use, it opens a browser for Google OAuth. Credentials stored in `~/.config/google-workspace-mcp/`

Recommendation

Check the OAuth consent screen carefully, use the minimum account privileges needed, and revoke the app or delete `~/.config/google-workspace-mcp/` when no longer needed.