Find Available Slots

Functionally correct and coherent scheduling skill that legitimately needs calendar and CRM access. Primary risks are operational: over-broad OAuth scopes, insecure token handling, lack of enforced HITL before destructive writes, unspecified enrichment endpoints, and unclear data retention. No direct indicators of malware or obfuscated malicious code in the provided manifest. Recommended mitigations: enforce least-privilege OAuth scopes, require explicit programmatic confirmation for all write/send actions, vet and limit enrichment services, sanitize all external text before rendering into messages, log actions with user consent, and document token storage/retention policies prior to deployment.