Security audit

Google Drive

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Google Drive connector skill that can access and change Drive data through OOMOL, with no evidence of hidden or malicious behavior.

Install only if you want an agent to use your OOMOL-connected Google Drive. Treat reads as potentially exposing private files or metadata, carefully review payloads before approving writes or deletes, and verify the `oo` CLI installer source if first-time setup is needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description says to use this skill for ANY Google Drive request and instead of calling the API directly, which is an overly broad routing rule. This can cause the agent to invoke a highly privileged skill in many contexts without sufficient narrowing or user-intent checks, increasing the chance of unnecessary data access or accidental write/destructive operations.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.