Back to skill

Security audit

Google Workspace CLI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Google Workspace CLI skill, but users should understand it can access and change real Google account data when authorized.

Install only if you want an agent or CLI to work with your Google Workspace data. Prefer normal login or task-specific scopes over full access, review requested OAuth scopes before approving, and require explicit confirmation before sending email, creating events, modifying files, or using Admin APIs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill is explicitly designed to access and modify sensitive Google Workspace data across Gmail, Calendar, Drive, Docs, and other services, but the documentation does not warn users that commands may read private content, send messages, create events, or alter external account state. In an agent context, missing safety framing increases the chance of unintended high-impact actions against a real user account without informed consent or appropriate confirmation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation recommends `gws auth login --full` for full access without warning that this grants very broad permissions across multiple Google Workspace services. In an agent-operated environment, broad scopes materially increase blast radius: compromise, misuse, or simple agent error could expose email, files, calendars, contacts, and administrative data or perform unintended writes across them.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal