Gws Script

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed Google Apps Script push helper, but it can overwrite a target script project if the user runs the command.

Install only if you intend to let `gws` update Google Apps Script projects. Before running the push command, confirm the target script ID, source directory, active Google/GWS account, and that you have a backup or recovery path because the command replaces the project contents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill documents `updateContent` as clearing all existing files in the project, but presents it as a normal capability without strong warning language or confirmation guidance. In an agent-driven workflow, this increases the chance of accidental destructive use, potentially overwriting or deleting an Apps Script project's source and manifest state.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal