Calctl

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Apple Calendar helper, but users should notice that it can read calendars and create persistent events.

Install only if you want an agent to interact with Apple Calendar. Before creating events, confirm the exact title, date, time, notes, and calendar, and use `--calendar` rather than relying on the default. Also confirm that the `calctl` executable on your PATH is one you trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill explicitly supports creating calendar events, which is a write operation affecting the user's personal data, but the documentation does not clearly warn that running the command modifies Apple Calendar state. This can mislead users into treating the skill as read-only and cause unintended event creation or data integrity issues, especially because the tool also exposes defaults that make writes easy to trigger.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal