gmail

Security Findings (28)

• HighExcessive Permission Surface ×5

  • GMAIL_FETCH_EMAILS:tool declares network permission
  • GMAIL_FETCH_EMAILS:tool declares exec permission
  • GMAIL_FETCH_MESSAGE_BY_MESSAGE_ID:tool declares network permission
  • GMAIL_FETCH_MESSAGE_BY_THREAD_ID:tool declares network permission
  • GMAIL_GET_CONTACTS:tool declares network permission

  Rule: AS-002Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
• HighInsecure Secret Handling ×7

  • GMAIL_FETCH_EMAILS:input parameter "page_token" appears to accept a secret or credential
  • GMAIL_FETCH_MESSAGE_BY_THREAD_ID:input parameter "page_token" appears to accept a secret or credential
  • GMAIL_GET_CONTACTS:input parameter "page_token" appears to accept a secret or credential
  • GMAIL_GET_PEOPLE:input parameter "page_token" appears to accept a secret or credential
  • GMAIL_GET_PEOPLE:input parameter "sync_token" appears to accept a secret or credential
  • GMAIL_LIST_DRAFTS:input parameter "page_token" appears to accept a secret or credential
  • GMAIL_LIST_THREADS:input parameter "page_token" appears to accept a secret or credential

  Rule: AS-010Fix: Avoid accepting raw credentials as input parameters. Use secret managers (e.g. 1Password CLI, AWS Secrets Manager) and ensure credentials are never logged or stored in agent traces.
• MediumExcessive Permission Surface ×7

  • GMAIL_CREATE_EMAIL_DRAFT:tool declares fs permission
  • GMAIL_CREATE_LABEL:tool declares fs permission
  • GMAIL_DELETE_DRAFT:tool declares fs permission
  • GMAIL_DELETE_MESSAGE:tool declares fs permission
  • GMAIL_GET_ATTACHMENT:tool declares fs permission
  • GMAIL_GET_PROFILE:tool declares fs permission
  • GMAIL_REMOVE_LABEL:tool declares fs permission

  Rule: AS-002Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
• LowExcessive Permission Surface ×3

  • GMAIL_CREATE_EMAIL_DRAFT:tool declares http permission
  • GMAIL_FETCH_EMAILS:tool declares http permission
  • GMAIL_REPLY_TO_THREAD:tool declares http permission

  Rule: AS-002Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.
• LowDoS Resilience — Missing Rate Limit / Timeout ×6

  • GMAIL_CREATE_EMAIL_DRAFT:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  • GMAIL_FETCH_EMAILS:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  • GMAIL_FETCH_MESSAGE_BY_MESSAGE_ID:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  • GMAIL_FETCH_MESSAGE_BY_THREAD_ID:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  • GMAIL_GET_CONTACTS:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration
  • GMAIL_REPLY_TO_THREAD:tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

  Rule: AS-011Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.