calendar
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides standard calendar functionality (list, create, update, delete) using well-established Google API gems.
- [CREDENTIALS_UNSAFE]: The skill accesses local OAuth configuration files at
~/.claude/.google/client_secret.jsonandtoken.json. These are the standard locations for the agent's Google integration credentials and are accessed solely for authenticating with Google's services. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface, which is typical for calendar management tools.
- Ingestion points: The script
scripts/calendar_manager.rbretrieves external content from Google Calendar (event summaries, descriptions) and Google Contacts (names). - Boundary markers: No explicit delimiters are used to wrap retrieved content when it is passed to the agent.
- Capability inventory: The script allows for the creation, modification, and deletion of calendar events.
- Sanitization: The retrieved data is passed through without specific sanitization or filtering.
Audit Metadata