Calendar Guard

Security checks across malware telemetry and agentic risk

Overview

Calendar Guard is not malicious, but it should be reviewed because it can automatically add events to a user's primary Google Calendar without an approval step or clear limits.

Install only if you intentionally want an agent to inspect your schedule and create recovery events. Before enabling daily use, require a dry run or approval before writes, cap the number/date range of events, and make created Recovery Blocks easy to identify and remove.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill explicitly instructs autonomous creation of Google Calendar events ('Recovery Block') based on detected load periods, but it provides no user-facing confirmation, approval gate, or clear warning before modifying the user's calendar. Because calendar contents affect availability, commitments, and downstream automations, silent modification can cause scheduling conflicts, trust erosion, and unintended actions at scale if run on a daily schedule.

VirusTotal

65/65 vendors flagged this skill as clean.
