calendar
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted external data within calendar event fields, creating a surface for indirect prompt injection attacks.
- Ingestion points: Event fields such as title, description, and location in file SKILL.md.
- Boundary markers: None identified; no delimiters or instructions to ignore embedded commands are present in the tool definitions.
- Capability inventory: No file system access, network requests, or shell execution capabilities are defined in the skill.
- Sanitization: No validation or escaping of event content is specified before processing or display.
Audit Metadata