events
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with official Google Calendar API endpoints (
https://www.googleapis.com) to manage events. This is a well-known service essential for the skill's intended functionality. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external calendar events.
- Ingestion points: Event summaries, descriptions, and locations are ingested into the agent context through the
agendaaction defined inskill-router.json. - Boundary markers: The
SKILL.mdinstructions do not define specific delimiters or warnings to separate calendar content from system instructions. - Capability inventory: The skill possesses capabilities to create and reschedule calendar events, which could be triggered by injected instructions.
- Sanitization: There is no evidence of sanitization or filtering of calendar data before it is presented to the agent.
Audit Metadata