gws-calendar
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external Google Calendar events.
- Ingestion points: Event metadata, titles, and descriptions fetched from connected Google accounts as described in SKILL.md.
- Boundary markers: The instructions lack explicit delimiters or guidance for the agent to ignore instructions embedded in event data.
- Capability inventory: The google_calendar tool provides capabilities for creating, updating, and deleting events across all connected accounts.
- Sanitization: There is no mention of sanitizing or validating the content of calendar events before processing.
- [NO_CODE]: The skill consists entirely of instructional markdown and does not include any executable scripts, binaries, or configuration files that execute code.
Audit Metadata