Security audit

Calendar Automation Zh

Security checks across malware telemetry and agentic risk

Overview

This calendar automation skill handles sensitive schedules, but its calendar and notification behavior is disclosed and fits its stated purpose.

Install only if you are comfortable letting the assistant access and update the selected calendars and send schedule information to approved chat destinations. Prefer least-privilege calendar scopes, private summaries by default, and explicit confirmation before posting meeting details to a group.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 86%
Finding:
The skill exposes broad natural-language invocation examples without clear constraints on scope, confirmation, or data-handling boundaries. In a calendar automation context, this can cause overbroad execution such as querying schedules, creating blocking events, or posting summaries to group chats based on ambiguous user requests, increasing the risk of unintended disclosure or disruptive calendar changes.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The description omits user-facing warnings that the skill may synchronize calendar data across platforms and send schedule summaries to group chat tools. Because calendars often contain sensitive meeting titles, attendee lists, and timing metadata, users may unknowingly authorize disclosure to broader audiences or third-party systems, creating confidentiality and privacy risk.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.