Secretary

This skill bundle is suspicious due to significant contradictions between its stated safety boundaries and its actual operational instructions, coupled with highly autonomous and sensitive capabilities. The `SKILL.md` explicitly states the agent 'NEVER sends emails or messages without user confirmation' and 'NEVER accesses calendar/email APIs directly'. However, `calendar.md` and `writing.md` directly contradict this, instructing the agent to 'handle it' without asking, 'send confirmation in your voice', and 'write AS you' without approval for various communications. This deceptive presentation of capabilities, combined with the agent's autonomous control over email, calendar, and extensive collection of sensitive personal data (`memory-guide.md`), creates a high-risk scenario ripe for prompt injection attacks that could lead to unauthorized communications, reputational damage, or data exfiltration.