Back to skill

Security audit

Apple Calendar CLI

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Apple Calendar helper, but it can read and change sensitive calendar data through a third-party CLI.

Install only if you trust the external @joargp/accli npm package and are comfortable granting Apple Calendar access on macOS. Use explicit calendars or calendar IDs, keep date ranges narrow, and confirm create, update, and delete actions before execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger language is broad enough to match generic calendar-related requests, which can cause the skill to activate in situations where the user did not clearly intend Apple Calendar access. Because this skill can read schedules and modify or delete events, unintended invocation increases the risk of unnecessary access to sensitive calendar data or accidental calendar changes.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly supports listing calendars, viewing events, and checking free/busy information, all of which can expose sensitive personal or business schedule data. Without an explicit privacy warning or usage guidance, users may not understand that invoking the skill grants access to potentially confidential meetings, locations, descriptions, and availability patterns.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.