calendar
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's metadata description contains aggressive directives such as "CRITICAL: You MUST activate this skill BEFORE..." and mentions "strict behavioral mandates that override default calendar behavior." These patterns are intended to bypass standard agent routing or behavior selection logic.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests and processes untrusted data from the Google Calendar API (event summaries, descriptions, and attendee information) which is then used to perform sensitive actions like event creation or deletion.
- Ingestion points: calendar.listEvents, calendar.getEvent, calendar.list
- Boundary markers: Absent
- Capability inventory: calendar.createEvent, calendar.updateEvent, calendar.deleteEvent, calendar.respondToEvent
- Sanitization: Absent
Audit Metadata