Example review output
gmail-workflow-agent
Agent Package · Medium confidence · Static analysis only · No code execution
- Critical
- 0
- High
- 2
- Medium
- 4
- Low
- 5
Example report
This example shows the report structure. It is not an issued audit and should not be used as proof that any package is safe.
Example review output
Agent Package · Medium confidence · Static analysis only · No code execution
Dependencies: mail-client ^2.8.0, yaml 2.7.0, tsx ^4.20.0
Domains: api.mailprovider.example, oauth.mailprovider.example
Review module
A structured view of what the package appears able to read, write, call, execute or expose.
| Capability | Action | Severity | Confidence | Evidence |
|---|---|---|---|---|
| Network access | Calls external mail API | High | High | scripts/send.ts -> fetch(api.mailprovider.example) |
| Filesystem write | Writes local export files | Medium | Medium | src/exporter.ts -> fs.writeFile(outputPath) |
| Prompt surface | Contains oversight-reduction wording | Medium | Medium | SKILL.md contains autonomous retry and approval-bypass language |
| Secrets handling | Reads environment variables | Medium | Low | config/mail.ts -> process.env.MAIL_API_TOKEN |
Review module
IGLIGQ compares stated purpose with visible behavior, permissions, external services and risky instructions.
The package appears to send workflow data to an external mail API. This can be legitimate, but it needs explicit disclosure and approval.
Evidence: scripts/send.ts:42
Recommendation: Disclose the destination domain, add an allowlist and require approval before outbound send actions.
The instruction text appears to encourage autonomous retry behavior without a clear human approval checkpoint.
Evidence: SKILL.md:18-26
Recommendation: Add an explicit human approval gate for send, post, delete or external transfer actions.
Human review option
Request a human-reviewed report when you need a public badge, procurement-ready PDF or enterprise private review. Review payment covers the audit process, not a guaranteed pass.