Skills
skills/googleworkspace/cli/gws-calendar-insert/Gen Agent Trust Hub

gws-calendar-insert

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the 'gws' CLI utility to perform write operations on Google Calendar. This is the primary intended function of the skill and uses the vendor's specialized tool.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  • Ingestion points: Fields such as '--summary', '--location', '--description', and '--attendee' ingest untrusted text data (SKILL.md).
  • Boundary markers: None present; the command uses standard CLI flags which do not isolate the content from the agent's interpretation logic.
  • Capability inventory: The skill possesses the capability to write data to the user's calendar via the 'gws' binary.
  • Sanitization: No explicit sanitization or input validation logic is described within the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 10:49 PM