Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Google Workspace CLI
v1.0.1
Interact with Google Workspace (Drive, Docs, Sheets) via the `gw` CLI. Use when an agent needs to browse, read, create, search, or manage files in Google Dri...
by Robin Sadeghpour-Faraj (@robinsadeghpour)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The listed purpose (Drive/Docs/Sheets access via a 'gw' CLI) matches the SKILL.md commands and workflows. However the registry metadata provided to the platform claims no required binaries, env vars, or config paths, while the SKILL.md explicitly requires the 'gw' CLI (npm package), optional OAuth client ID/secret env vars, and specific token/config file paths — an inconsistency between declared metadata and the runtime instructions.
Instruction Scope
The instructions are scoped to installing the CLI, authenticating via OAuth, and performing Drive/Docs/Sheets operations. They instruct the agent/user to run browser-based auth and reference a token file (~/.11x/gworkspace/token.json). They do not ask to read unrelated system files. One noteworthy item: SKILL.md states 'embedded credentials used by default' (i.e., the package's own OAuth client), which changes trust assumptions and should be explicitly called out before use.
Install Mechanism
Installation is via a global npm package ('npm i -g @11x.agency/gworkspace') referenced in SKILL.md. The registry has no formal install spec despite this instruction. A scoped npm package is a common distribution method but installing global npm packages executes third-party code with user privileges — review the package source (the GitHub repo is listed) before installing.
Credentials
The SKILL.md declares optional env vars for GOOGLE_CLIENT_ID/GOOGLE_CLIENT_SECRET (and aliases), which are appropriate for OAuth. However the defaults rely on 'embedded credentials' owned by the package author — that means authentication will be performed through a third-party client unless the user supplies their own secrets. Token and config files are stored under ~/.11x/gworkspace/ and will contain sensitive tokens. Additionally, the platform-level metadata omits these env/config requirements, which is a transparency issue.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It writes its own token/config under the user's home directory (expected for an OAuth CLI). There is no indication it modifies other skills or global agent settings.
What to consider before installing
This skill appears to be a real CLI wrapper for Google Workspace, but there are two red flags you should consider before installing: (1) the registry metadata does not reflect the requirements the SKILL.md lists (it omits the 'gw' install, env vars, and token paths), and (2) the CLI defaults to using the package's embedded OAuth credentials unless you provide your own. Installing the npm package runs third-party code with your user privileges and will store OAuth tokens under ~/.11x/gworkspace/. Before proceeding: review the GitHub repository and the npm package contents (look at package.json and source), avoid using the embedded client by setting your own GOOGLE_CLIENT_ID/SECRET, or test in a disposable environment, and verify the registry metadata is corrected so automated permission checks are accurate.
Like a lobster shell, security has layers — review code before you run it.
