google-calendar-automation
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to an external MCP server at
https://rube.app/mcpto provide Google Calendar automation capabilities. This connection is the core functionality of the skill.- [PROMPT_INJECTION]: The skill ingests data from external sources (calendar events) which presents a surface for indirect prompt injection. - Ingestion points: Event summaries, descriptions, and location fields are retrieved via tools like
GOOGLECALENDAR_FIND_EVENTandGOOGLECALENDAR_EVENTS_LIST. - Boundary markers: No explicit markers or instructions are provided to the agent to treat calendar data as untrusted content.
- Capability inventory: The skill includes tools to create, patch, and delete calendar events across multiple calendars.
- Sanitization: There is no evidence of data sanitization or validation performed on the event content before it enters the agent context.
Audit Metadata