intent-calendar-planner
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script (scripts/stage_obsidian_context.sh) that utilizes osascript (AppleScript) to interface with the macOS Finder. This is used to duplicate files from a hardcoded sensitive iCloud path (/Users/rami/Library/Mobile Documents/iCloud~md~obsidian/Documents/Obsidian) to a temporary directory, effectively bypassing standard filesystem permission restrictions for iCloud-synced folders.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from external sources.
  - Ingestion points: Reads content from Obsidian project files, area notes, daily notes, and Google Calendar event descriptions.
  - Boundary markers: Absent. The instructions do not define specific delimiters or warnings to ignore instructions embedded within the ingested data.
  - Capability inventory: The skill can execute shell scripts, use the Google Workspace CLI (gws) to read, write, patch, and delete calendar events, and use AppleScript via osascript for file system operations.
  - Sanitization: Absent. There is no evidence of input validation or sanitization for the data retrieved from Obsidian or Google Calendar before it is processed by the agent.