Skills
skills/sickn33/antigravity-awesome-skills/outlook-calendar-automation/Gen Agent Trust Hub

outlook-calendar-automation

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of calendar event data.
  • Ingestion points: Data enters the agent's context through OUTLOOK_LIST_EVENTS, OUTLOOK_GET_EVENT, and OUTLOOK_GET_CALENDAR_VIEW tools defined in SKILL.md.
  • Boundary markers: The skill instructions do not specify any delimiters or safety prompts to prevent the agent from obeying instructions hidden within event subjects or bodies.
  • Capability inventory: The agent has the ability to create, update, and delete events, and manage attendee lists, which could be exploited if malicious instructions are processed.
  • Sanitization: No sanitization or content validation steps are documented for the external data retrieved from Outlook.
  • [DATA_EXFILTRATION]: The skill directs users to connect to an external MCP server at https://rube.app/mcp.
  • This network operation is the primary mechanism for the skill's functionality and is documented as a prerequisite for using the Outlook toolkit.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 04:09 AM