google-calendar
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements legitimate Google Calendar management functionality using official Google API libraries. No malicious patterns or data exfiltration attempts were detected.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection, which is inherent to tools that process external user-controlled content like calendar events.
- Ingestion points: The skill retrieves calendar event summaries and descriptions via the
list_eventsandget_eventfunctions inscripts/google-calendar.py. - Boundary markers: None identified. Instructions do not explicitly tell the agent to ignore instructions embedded within event data.
- Capability inventory: The agent can execute
scripts/google-calendar.pyvia theBashtool and has file system access for configuration storage. - Sanitization: Event content is presented to the agent without additional filtering, relying on the underlying model's guardrails to handle potentially malicious instructions in calendar data.
- [CREDENTIALS_UNSAFE]: The skill handles authentication securely. It uses OAuth 2.0 and the system keyring (
keyringpackage) to store sensitive tokens, avoiding hardcoded secrets or unsafe storage practices.
Audit Metadata