Security Audit
googledocs-automation
github.com/ComposioHQ/awesome-claude-skills
Trust Assessment
googledocs-automation received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 0 critical, 2 high, 0 medium, and 0 low severity. Key findings include "Broad Google Docs modification and raw API access" and "Potential data exfiltration via document read, export, and sharing capabilities".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 20, 2026 (commit 27904475). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Broad Google Docs modification and raw API access.** The skill grants broad permissions to modify Google Docs, including replacing entire document content (`GOOGLEDOCS_UPDATE_DOCUMENT_MARKDOWN`) and executing raw Google Docs API batch update requests (`GOOGLEDOCS_UPDATE_EXISTING_DOCUMENT`). The latter exposes a powerful, low-level API that could be exploited by a malicious prompt to perform complex, potentially destructive, or data-manipulating operations beyond simple text replacement. This increases the attack surface significantly. Recommendation: Implement stricter validation or sandboxing for `editDocs` requests if possible, or provide higher-level, more constrained tools for common operations instead of exposing raw API access. Clearly document the security implications of using `GOOGLEDOCS_UPDATE_EXISTING_DOCUMENT` and `GOOGLEDOCS_UPDATE_DOCUMENT_MARKDOWN` for agents. | LLM | SKILL.md:80 |
| HIGH | **Potential data exfiltration via document read, export, and sharing capabilities.** The skill provides tools to read document content (`GOOGLEDOCS_GET_DOCUMENT_BY_ID`), export documents as PDF (`GOOGLEDOCS_EXPORT_DOCUMENT_AS_PDF`), and explicitly mentions combining with `GOOGLEDRIVE_ADD_FILE_SHARING_PREFERENCE` from the `googledrive` toolkit to share documents. If an agent using this skill is compromised, it could be instructed to read sensitive Google Docs, export them, and then share them with external, unauthorized entities, leading to data exfiltration. Recommendation: Implement strict access controls and user consent mechanisms for sensitive operations like sharing documents. Consider adding guardrails or requiring explicit user confirmation for sharing actions, especially to external domains. Limit the scope of documents accessible by the agent if possible. | LLM | SKILL.md:76 |