Google Docs Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Google Docs integration, but it needs review because its examples expose OAuth tokens and show live document edits or deletions without enough safeguards.

Install only if you are comfortable letting an agent work with Google Docs content. Treat refresh tokens and client secrets like passwords, do not paste or log them casually, use a secure secret store, test against disposable documents first, and require explicit confirmation before any update, replace, or delete operation on real documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The guide explicitly prints both the refresh token and access token to the console, which can expose long-lived credentials through terminal history, logs, screenshots, or shared sessions. In this skill’s context, those tokens grant direct Google Docs API access, so accidental disclosure could allow unauthorized document access or modification.

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The skill provides creation, update, replace, and deletion operations against live Google Docs content without warning that these actions can alter or destroy user data. In an agent-skill setting, omission of destructive-action warnings increases the risk of accidental document corruption or unintended writes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal