The Agent Skills Directory

COMMAND_EXECUTION (LOW): The scripts scripts/set_up_calendar_automation.py and scripts/set_up_calendar_automation.sh use osascript to interact with the macOS Calendar application. This is a legitimate use of shell commands to trigger system permission prompts (TCC) and verify account access, which is necessary for the skill to function on macOS.
PROMPT_INJECTION (LOW): The skill identifies a surface for indirect prompt injection (Category 8). Ingestion points: Untrusted data is ingested from calendar event summaries, locations, and details via scripts/list_upcoming_events.py and scripts/calendar_summary.py. Boundary markers: Absent; event data is printed as raw strings to the console without delimiters. Capability inventory: The skill has powerful write/delete capabilities, including scripts/delete_calendar_events.py and scripts/create_calendar_event.py. Sanitization: No sanitization or escaping is performed on calendar data before it is presented to the agent. This surface is considered LOW severity as it is a natural consequence of the skill's intended data-processing function.

automating-calendar