Skills
skills/aws-samples/sample-strands-agent-with-agentcore/google-calendar/Gen Agent Trust Hub

google-calendar

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill defines standard tools for interacting with the Google Calendar API without any malicious modifications or overrides.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external content from calendar events:
  • Ingestion points: Event titles and descriptions are processed via list_events and get_event (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the guidelines.
  • Capability inventory: The skill allows creating, updating, and deleting events via tools like create_event and update_event (SKILL.md).
  • Sanitization: No sanitization or validation of event content is specified.
  • [DATA_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file access (e.g., .ssh or .aws), or unauthorized network activity was found. The skill operates exclusively through specified tool interfaces.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 02:12 PM