Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
GOG Extended
v2.1.0
Extended Google Workspace CLI reference for Gmail, Calendar, Drive, Contacts, Sheets, and Docs. Includes complete email body retrieval, attachments, and adva...
by Ethan Yanjia Li (@ethanyanjiali)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description align with the SKILL.md: everything is focused on the 'gog' CLI for Gmail, Calendar, Drive, Contacts, Sheets, and Docs. The actions requested (read full email bodies, attachments, send email, etc.) are consistent with that purpose.
Instruction Scope
The SKILL.md directs the agent to run many gog commands that retrieve full email bodies and attachments (sensitive data). This is expected for a Gmail-focused CLI, but it expands the blast radius: if an agent runs these commands with valid credentials it can access and exfiltrate complete mailbox contents. The docs also reference local files (client_secret.json) and an env var (GOG_ACCOUNT) that are not declared in the metadata; sample files and real email addresses appear in examples, which risks accidental leakage or misuse.
Install Mechanism
Instruction-only skill, no install spec and no code files to execute. This minimizes supply-chain risk, but it relies on the presence and trustworthiness of an external 'gog' binary which the agent/user must already have installed.
Credentials
Registry metadata declares no required env vars or credentials, yet SKILL.md uses GOG_ACCOUNT and instructs use of a client_secret.json OAuth file and gog auth commands. The requested env/config access is proportionate to the described CLI purpose, but the metadata omission is an inconsistency and examples include real-looking personal email addresses (possible privacy leak).
Persistence & Privilege
Skill does not request permanent presence (always:false). There is no install or persistent agent modification described. Autonomous invocation is allowed (platform default) but not combined with other high-risk factors here.
What to consider before installing
This skill appears to be a coherent CLI reference for the 'gog' Google Workspace tool, but consider the following before installing or enabling it:
1) The skill instructs the agent to fetch full email bodies and attachments — only enable it if you trust the agent/context and the gog CLI binary it will call.
2) The SKILL.md expects a local OAuth client_secret.json and an env var (GOG_ACCOUNT) even though metadata lists no required credentials — make sure you know where those files/values come from and never expose shared/production credentials.
3) Examples in the references include real-looking personal email addresses — treat these as potential privacy leaks and remove or replace with placeholders.
4) Verify the origin and integrity of the 'gog' CLI (homepage/repo referenced in package.json) before granting it access to accounts.
5) If you do not want the agent to autonomously run mailbox-reading commands, restrict the skill from autonomous invocation or only use it in tightly controlled sessions.
If you want a firmer assessment, provide the actual gog binary/source or more info about the skill publisher so provenance can be validated.
Like a lobster shell, security has layers — review code before you run it.
Tags: automation, email, gmail, google, latest
