
Security audit

Work Productivity Gog Google Workflow Helper 002325

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only workflow helper with overly broad activation wording, but it does not contain code, credential access, persistence, or hidden data flows.

Install only if you want a broad productivity workflow helper for Gog or Google Workspace-style planning. Be aware it may activate on generic Google, workspace, CLI, Gmail, Calendar, Drive, or bug-fix prompts, so use explicit skill invocation or disable implicit routing if accidental activation would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are extremely broad and match common user requests such as asking for practical workflows, bug fixes, or Google/workspace help. In an agent-routing system, this can cause the skill to activate outside its intended scope, leading to misrouting, unnecessary access to adjacent productivity contexts, and increased exposure to higher-risk instructions contained in the skill.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases are broad, natural-language strings such as 'help me' and 'I need a practical workflow' combined with common productivity terms. This increases the chance the skill will activate during ordinary conversation without clear user intent, causing unintended routing or execution in contexts involving Gmail, Calendar, Drive, or other Google Workspace tasks.

Vague Triggers

High
Confidence
95% confidence
Finding
The skill description is broad enough to match common productivity-related requests without clear scoping boundaries, which can cause unintended invocation. In an agent system, accidental routing matters because users may receive irrelevant workflow guidance or trigger a skill with assumptions about Google/CLI contexts that were never intended.

Vague Triggers

High
Confidence
98% confidence
Finding
The trigger list includes very generic terms like "google," "workspace," and "cli," which are common across many unrelated requests. This substantially increases the chance of misrouting, causing the skill to activate in contexts where it may provide irrelevant or overly assumptive guidance, reducing reliability and potentially interfering with safer or more appropriate skills.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The example trigger phrases are written in generic request language that closely resembles ordinary user prompts, making accidental matches more likely. Because examples often shape routing heuristics and author behavior, vague examples can reinforce overbroad activation patterns across normal conversations.

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger keyword list includes very broad, common terms such as "google", "workspace", and "cli", which can match many unrelated user requests and cause unintended activation. Over-broad triggering can route conversations into the wrong skill, leading to confused behavior, irrelevant instructions, or accidental handling of tasks outside the skill’s intended scope.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill description defines activation conditions in a very broad and ambiguous way, covering generic requests for workflows, analysis, implementation support, and common product names. This makes it difficult for a router or agent to determine when the skill is truly appropriate, increasing the chance of misrouting and unintended invocation.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The default prompt uses broad, everyday-language terms such as 'help me' and generic workflow/productivity wording that can cause the skill to be invoked in contexts far beyond its intended scope. Because implicit invocation is enabled, this increases the chance of accidental routing, prompt confusion, or the skill being selected for unrelated requests where its instructions may override or interfere with safer, more specific handling.

Vague Triggers

High
Confidence
94% confidence
Finding
The trigger sentences are overly broad and include common phrases like 'Help me' and 'I need a practical workflow', which can cause the skill to activate in situations far beyond its intended scope. In an agent ecosystem, unintended invocation can route unrelated user requests into this skill, leading to misexecution, user confusion, and unsafe delegation of tasks involving Google Workspace or workflow automation.

VirusTotal

63/63 vendors flagged this skill as clean.
