Description-Behavior Mismatch
Medium
- Confidence
- 94% confidence
- Finding
- The skill is presented as a meeting scheduling and event management integration, but it also exposes high-impact calendar administration capabilities such as ACL changes, calendar deletion, and calendar clearing. This scope expansion increases the chance that an agent or user invokes destructive or privacy-impacting actions under the assumption the skill is limited to scheduling, enabling unauthorized sharing or mass data loss if confirmation or understanding is weak.
