Zappush
      Safety Report

      ez-google

      @araa47

      Use when asked to send email, check inbox, read emails, check calendar, schedule meetings, create events, search Google Drive, create Google Docs, read or write spreadsheets, find contacts, or any task involving Gmail, Google Calendar, Drive, Docs, Sheets, Slides, or Contacts. Agent-friendly with hosted OAuth - no API keys needed.

      2,193 Downloads
      1 Installs
      0 Stars
      3 Versions
      API Integration 4,971 | Workflow Automation 3,323 | Search & Retrieval 2,116 | Project Management 1,537

      Security Analysis

      high confidence
      Suspicious, 0.04 risk

      The skill is coherent with a multi-service Google Workspace CLI, but it relies on a third‑party hosted OAuth endpoint that will receive or produce long‑lived credentials with very broad scopes — a risky design choice that requires trusting an external service.

      Feb 11, 2026 | 10 files | 3 concerns

      Purpose & Capability: note

      Name/description match the included scripts: the code implements Gmail, Calendar, Drive, Docs, Sheets, Slides, People, and Chat operations. The OAuth flow (hosted or local) is needed for these APIs, so requiring credentials is expected. The only notable divergence is the use of a hosted OAuth worker (ezagentauth.com) instead of guiding users to create/use their own OAuth client; that is a design choice rather than outright incoherence.

      Instruction Scope: concern

      Runtime instructions ask the user to 'click a link and paste back a token' from a hosted OAuth service. The scripts then save that token (including refresh_token, client_id, client_secret) to ~/.simple-google-workspace/token.json and use it to call Google APIs with broad scopes (gmail.modify, drive, docs, spreadsheets, chat.messages, contacts.readonly, etc.). The instruction set does not request unrelated system files, but it explicitly directs credentials from an external service into a local token file — a high-risk data flow because the external service could capture or mint credentials.

      Install Mechanism: ok

      There is no automatic install/download step or external archive; the skill is instruction + local Python scripts. Dependencies are declared in script headers only; nothing is fetched from an untrusted URL by the installer. This minimizes install-time risk.

      Credentials: concern

      The skill declares no required environment variables but offers a hosted OAuth worker that yields a token JSON containing token, refresh_token, client_id, and client_secret — and the SCOPES list requests wide permissions (read/write/send email, modify Drive/Docs/Sheets, send Chat messages, etc.). Requesting and storing a full OAuth client secret and refresh token is proportionate to multi-service access, but centralizing credential issuance through an external host is excessive for many users and creates a single point that can exfiltrate or misuse credentials.

      Persistence & Privilege: ok

      The skill stores credentials in ~/.simple-google-workspace/token.json and flow state in the same directory. It does not request platform-wide privileges or set always:true. Storing tokens locally is expected for OAuth CLI tools; there is no evidence the skill modifies other skills or system settings.

      Guidance

      This package implements a legitimate-appearing Google Workspace CLI, but its default auth flow uses a hosted OAuth worker (https://ezagentauth.com). That service will be involved in issuing or relaying the OAuth token you paste into auth.py save, and the saved token contains refresh tokens and client_secret values granting broad access (Gmail modify, Drive, Docs, Sheets, Chat messages, Contacts, etc.). Before installing or using:

      - Do not use your primary or high‑privilege Google account with this flow. Prefer a throwaway or limited-scope account for testing.
      - Prefer the local OAuth path (uv run auth.py login --local) by creating your own OAuth client (set CLIENT_SECRETS_FILE or GOOGLE_CLIENT_ID/GOOGLE_CLIENT_SECRET) so the token is issued directly by Google to your app and the third party does not mediate credentials.
      - Inspect any token string you paste (auth.save expects a base64 JSON) before saving; it should only contain fields you expect. Be skeptical if the hosted service asks you to paste credentials from other sites.
      - If you must use the hosted OAuth worker, verify the operator (ezagentauth.com): hosting, privacy policy, source, and whether the worker stores or can reuse client secrets/refresh tokens.
      - Consider restricting scopes using a custom OAuth client (so you only grant necessary scopes) and periodically revoking saved refresh tokens in your Google account security settings.

      Given the external token broker and very broad scopes, treat this skill as risky unless you control the OAuth client or fully trust the hosted worker.

      Latest Release

      v1.0.2

      - Added bulk Gmail operations: bulk-label and bulk-trash commands for batch labeling and deleting emails.
      - Updated Gmail documentation with usage examples for new bulk features.
      - No other changes detected.

      Published by @araa47 on ClawHub
