local-tools
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate calendar management by interacting with local system resources (macOS Calendar.app via JXA and Windows Outlook via COM API). No network operations or external downloads were found in the provided scripts.
- [COMMAND_EXECUTION]: The skill relies on local script execution (
calendar.shandcalendar.ps1). These scripts are used to wrap platform-specific logic and are called with specific arguments. The macOS implementation includes theescape_jxafunction to sanitize inputs against script injection. - [SAFE]: The skill reads data from external sources (local calendar event titles, notes, and locations), which constitutes an indirect prompt injection surface. This is documented as an inherent risk of the skill's primary purpose and no evidence of malicious exploitation was detected.
- [SAFE]: Technical instructions provided for Windows usage, such as setting the PowerShell execution policy, are standard requirements for running local scripts and are presented as troubleshooting steps for the user rather than automated malicious actions.
Audit Metadata