google-calendar

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] Based on the provided skill documentation, the behavior and requirements are consistent with a legitimate Google Calendar/Tasks API client. There are no signs of obfuscation, hardcoded secrets, or third-party exfiltration. The main security considerations are standard: protect credentials and token files, and exercise caution when using the arbitrary `call` feature (it can perform any Calendar API operation including destructive ones). No malicious behavior detected in this fragment. LLM verification: Overall, the skill description and suggested workflow are internally coherent with its stated purpose (Google Calendar/Tasks access via OAuth). There is no evidence of malicious intent or covert data exfiltration in the provided material. The main risk is standard credential/token handling in a user’s environment; ensure proper access controls, scope minimization, and avoidance of token leakage. The presence of local pip-based installation and credential file references is expected for this type