schedule-with-google-calendar
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: Setup instructions direct users to execute
npx -y @rarefriend-ai/mcp. This command downloads and executes a remote package from the NPM registry at runtime. This is an intended setup step for the Rarefriend integration. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@rarefriend-ai/mcppackage, which is a vendor-owned resource for the specified author. - [PROMPT_INJECTION]: The skill processes untrusted data from external sources, specifically Google Calendar event titles and descriptions, which creates a surface for indirect prompt injection.
- Ingestion points: Event details are retrieved via
get_upcoming_google_eventsandsearch_google_calendar_eventsinSKILL.md. - Boundary markers: No delimiters or instructions to ignore embedded content are present in the documentation.
- Capability inventory: The skill has write access to create, reschedule, or cancel events and notes as defined in
SKILL.md. - Sanitization: There is no mention of input validation or content filtering for ingested calendar data.
Audit Metadata