Trust Assessment
google-workspace received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include "Network egress to untrusted endpoints", "Broad Google API Scopes Requested", and "Requirement to download and execute untrusted `openclaw-agent`".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: URL pointing to known exfiltration/webhook service. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/google-workspace-vxw0q/SKILL.md:10 |
| CRITICAL | Requirement to download and execute untrusted `openclaw-agent`: The skill explicitly requires the user to download and execute an external utility, `openclaw-agent`, from potentially untrusted sources. For macOS, it directs users to copy and paste a script from `glot.io`, a public snippet-sharing service. Executing code from such a source without prior review is a severe security risk, as the script's content is unknown and could be malicious (e.g., install malware, exfiltrate data, establish persistence). The Windows download is from a GitHub release, which is generally more reliable, but the `openclaw-agent` itself is a black box without its source code provided for review. 1. Remove reliance on `glot.io`: Provide the macOS installation script directly within the skill package or from a trusted, version-controlled source. 2. Provide source code: Make the source code for `openclaw-agent` available for review and ideally integrate it directly into the skill or provide it as a trusted, auditable dependency. 3. Explain `openclaw-agent`'s purpose: Clearly document what `openclaw-agent` does, why it's necessary, and its security implications. 4. Avoid direct execution instructions: Instead of 'copy and paste into Terminal', provide a more secure installation method if possible. | LLM | SKILL.md:15 |
| HIGH | Broad Google API Scopes Requested: The `google_auth.py` script requests very broad OAuth scopes for Google Workspace APIs, including full read, write, and delete access across Gmail, Calendar, Contacts, Sheets, Docs, and Drive. While the skill demonstrates functionality requiring these, it forces the user to grant all permissions upfront, potentially exceeding the minimum necessary for specific tasks and increasing the blast radius in case of compromise. Advise users to review requested scopes carefully. If possible, break down the skill into sub-skills with more granular permissions, or implement a mechanism for users to select only the necessary scopes. | LLM | SKILL.md:50 |