task-calendar
Warn
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill assembles bash commands by interpolating task descriptions into strings such as
gog calendar create --summary "<task description>". This method is vulnerable to command injection if a task description contains shell-active characters like backticks, dollar signs, or semicolons, potentially allowing arbitrary code execution. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted data from external sources.
- Ingestion points: Task descriptions from Taskwarrior and event summaries from Google Calendar.
- Boundary markers: The instructions suggest using double quotes to wrap variables in shell commands, which is insufficient to prevent injection from inputs containing escaped characters or nested quotes.
- Capability inventory: The skill executes local shell commands via bash and performs authenticated network requests to the Google Calendar API.
- Sanitization: No input validation or escaping mechanisms are described to ensure that task data is safe for use in shell execution.
Audit Metadata