google-calendar-skill

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses official and well-maintained libraries (googleapis, open, minimist) for its core functionality, with no evidence of malicious code or unauthorized data access.
  • [SAFE]: Authentication tokens and client credentials are managed using standard security practices, including the use of restricted file permissions (0600) and storage in a separate secrets directory.
  • [SAFE]: The action logging system includes a built-in sanitization mechanism that redacts sensitive authentication parameters (tokens, passwords) before they are written to disk.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists because the skill retrieves data (such as event descriptions and summaries) that can be controlled by external parties via shared calendars or invitations. Evidence Chain:
      1. Ingestion points: calendar-events-list.js, calendar-events-get.js.
      2. Boundary markers: No explicit instruction-ignoring delimiters are used in the JSON output.
      3. Capability inventory: The skill operates in an environment with Bash, Read, and Write capabilities as specified in SKILL.md.
      4. Sanitization: The skill does not filter or sanitize retrieved event content before returning it to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 08:18 PM