calendar-event-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHNO_CODECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [NO_CODE] (LOW): The analysis is limited as the skill contains only a markdown definition (SKILL.md) and lacks any executable implementation or scripts.
- [COMMAND_EXECUTION] (HIGH): The skill's metadata explicitly requests access to high-privilege tools including 'Bash', 'Write', and 'Edit'. There is no functional justification for why a calendar event creator requires shell access.
- [PROMPT_INJECTION] (HIGH): The skill defines an attack surface for indirect prompt injection. Ingestion points: Processes 'email processing' and 'spreadsheet operations' (SKILL.md). Boundary markers: Absent from the instructions. Capability inventory: Includes 'Bash' and 'Write' permissions. Sanitization: None described. This allows malicious instructions in processed emails to potentially execute shell commands via the agent's available tools.
Recommendations
- AI detected serious security threats
Audit Metadata