The Agent Skills Directory

[NO_CODE]: The skill package is composed entirely of markdown documentation and configuration instructions. It does not contain any Python, JavaScript, or shell scripts for execution on the host system.
[PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection because it ingests and processes data from external calendar events which could be controlled by third parties. Ingestion points: Untrusted data enters the agent context via tools like GOOGLECALENDAR_FIND_EVENT and GOOGLECALENDAR_EVENTS_LIST which retrieve event summaries and descriptions. Boundary markers: The instructions do not define any delimiters or warning markers to prevent the agent from interpreting text within calendar events as commands. Capability inventory: The skill provides the agent with the ability to create, update, and delete calendar entries as well as manage attendee lists. Sanitization: There is no mention of sanitizing, escaping, or validating the content retrieved from the Google Calendar API before the agent processes it.

google-calendar-automation