Skills
skills/soul-brews-studio/oracle-skills-cli/schedule/Gen Agent Trust Hub

schedule

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/calendar.ts uses Bun's shell API to run the system cal command. While the parameters are constrained to dates, shell execution is a high-privilege capability.
  • [PROMPT_INJECTION]: The skill processes external data that could contain malicious instructions for the agent (Category 8).
  • Ingestion points: Reads from ~/.oracle/ψ/inbox/schedule.md and a local API at http://localhost:47778.
  • Boundary markers: None. The agent receives the schedule data without delimiters or warnings to ignore embedded instructions.
  • Capability inventory: The skill can execute scripts, run shell commands, and make network requests.
  • Sanitization: Event content is parsed and displayed without sanitization or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 09:35 PM