Gog Jasmine
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Google Workspace CLI helper that requires OAuth access but does not show hidden, automatic, or deceptive behavior.
Install only if you intend to let the gog CLI access your Google Workspace data. Use the narrowest OAuth services you need, review the Homebrew package source, and require explicit confirmation before sending email, creating events, or changing spreadsheet and document data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.