apple-events

SUSPICIOUS: The local calendar/reminder access matches the stated purpose, but the skill's core dependency is an unverifiable `event` CLI and that same CLI is expected to receive a sync API token and transmit personal data to a configured backend. The remote sync design is plausible, yet the missing provenance for the executable creates a high supply-chain and credential-forwarding risk.