Gws Classroom

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Google Classroom CLI reference skill, but users should be careful because it can change or delete Classroom data when used with an authenticated Google account.

Install only if you trust the `gws` CLI and have reviewed the shared auth/security guidance. Before running create, update, patch, delete, invitation, roster, coursework, grading, or registration commands, inspect the schema, verify the target course/user/topic, and require explicit confirmation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill exposes multiple destructive and state-changing Google Classroom operations such as course creation, deletion, updates, invitation acceptance, and registration management, but it does not provide an explicit warning that these actions can permanently change user or organizational data. In an agent setting, this increases the risk of accidental misuse, unsafe automation, or social engineering prompts leading to unintended changes, especially because the skill encourages command discovery and execution without requiring confirmation for high-impact actions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal