task-calendar

Warn

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill assembles bash commands by interpolating task descriptions into strings such as gog calendar create --summary "<task description>". This method is vulnerable to command injection if a task description contains shell-active characters like backticks, dollar signs, or semicolons, potentially allowing arbitrary code execution.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes untrusted data from external sources.
  • Ingestion points: Task descriptions from Taskwarrior and event summaries from Google Calendar.
  • Boundary markers: The instructions suggest using double quotes to wrap variables in shell commands, which is insufficient to prevent injection from inputs containing escaped characters or nested quotes.
  • Capability inventory: The skill executes local shell commands via bash and performs authenticated network requests to the Google Calendar API.
  • Sanitization: No input validation or escaping mechanisms are described to ensure that task data is safe for use in shell execution.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 20, 2026, 12:32 AM
Security Audit — agent-trust-hub — task-calendar