Gws Apps Script
Security checks across malware telemetry and agentic risk
Overview
This is a coherent Google Apps Script helper skill, but it can guide an agent through high-impact Apps Script actions when paired with an authenticated gws CLI.
Install this only if you want an agent to manage Google Apps Script through gws. Before use, confirm which Google account gws is authenticated as, review the referenced shared/helper gws skill files, and require user confirmation for updateContent, script run, deployment, or version operations because they can change or execute remote Apps Script projects.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.