apple-calendar
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on the osascript binary to interact with the local macOS Calendar application, allowing for event creation, searching, and deletion.
- [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection (Category 8) because user-provided strings are used in script generation.
  - Ingestion points: Event summaries and descriptions from user prompts are interpolated into the shell-based AppleScript commands in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions to prevent the execution of malicious logic embedded within user strings.
  - Capability inventory: The skill uses subprocess execution to run osascript with full access to the Calendar application's data.
  - Sanitization: The command templates do not include sanitization or escaping mechanisms, meaning special characters in user input could potentially alter the script's behavior.