google-calendar-automation

SUSPICIOUS. The skill’s capabilities mostly match Google Calendar automation and its stated token storage is proportionate, but several trust gaps remain: missing dependency/install provenance, non-Google publisher claims about auth behavior, and inconsistent statements about Workspace-only support and token refresh mechanics. No clear credential theft or third-party relay is disclosed, so this is not malicious, but it carries moderate security and operational risk.