The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to execute AppleScript via osascript, which is the standard method for macOS automation. This allows the agent to create and verify events within the local Calendar and Reminders applications.
[PROMPT_INJECTION]: The skill includes a 'Self-Evolving Skill' section that encourages the agent to maintain its own documentation for correctness. This is a maintenance mechanism and does not attempt to override agent safety constraints or system prompts.
[DATA_EXPOSURE]: The skill accesses the user's local Calendar and Reminders data to perform its primary function. It does not attempt to access sensitive system files like private keys or environment variables, nor does it perform network operations to exfiltrate data.
[PROMPT_INJECTION]: The skill processes untrusted user input (event names, locations, and notes) and interpolates them into scripts. While this creates a potential surface for indirect injection, the risk is mitigated by the agent's role as an intermediary. The following evidence chain applies: (1) Ingestion points: user-provided event details in Template B; (2) Boundary markers: absent; (3) Capability inventory: Bash and AppleScript execution on local system; (4) Sanitization: absent.

calendar-event-manager