Praxis Google Workspace

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Google Workspace CLI whose broad account access matches its stated Gmail, Calendar, and Drive purpose, though users should treat it as powerful.

Install only if you trust the script and the googleapis dependency. Use a Google Cloud project you control, review the OAuth consent scopes carefully, protect ~/.config/praxis-gws/, and require explicit confirmation before any agent sends email, modifies labels, creates drafts, or creates calendar events.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The usage section documents commands that can send email, create drafts, modify labels, and create calendar events, but it does not prominently warn that these are state-changing actions in the user's live Google Workspace account. Users may invoke examples assuming they are safe/read-only, leading to unintended outbound email or mailbox/calendar changes.

Missing User Warnings

Medium
Confidence: 97%
Finding
The troubleshooting text instructs users to bypass Google's unverified-app warning by clicking through an unsafe prompt, without any trust-validation guidance. That normalizes overriding a security control and can condition users to authorize an unreviewed OAuth client that may gain broad mailbox, calendar, and Drive access.

VirusTotal

64/64 vendors flagged this skill as clean.
