calendar-pipeline

SUSPICIOUS: the skill is internally consistent for sales automation and shows no supply-chain or credential-harvesting behavior, but it explicitly enables autonomous outreach and meeting-booking actions on behalf of the user. The main risk is high-impact real-world automation combined with ingestion of untrusted external content, not malware.