!
Purpose & Capability
The skill's stated purpose is to create calendar entries in Google Workspace, but it declares no required credentials, API keys, or permissions. Creating calendar events normally requires OAuth/API credentials (or a separate authorized skill). The absence of any declared Google Workspace auth is a mismatch with the claimed capability.
!
Instruction Scope
SKILL.md instructs: WHEN [telemetry from local sensors indicates deep focus] THEN run sub-agents llm_classify_intent and gworkspace_calendar_create. It does not specify what 'local sensors' are, how telemetry is read, or which files/APIs to use — leaving broad discretion to access microphones, system activity, or other sensors. It also delegates calendar writes to another capability without defining required auth or safe-guards.
✓
Install Mechanism
Instruction-only skill with no install steps and no code files. This minimizes direct disk installation risk; the scanner had no files to analyze.
!
Credentials
No environment variables or credentials are declared despite the skill's need to modify Google Workspace calendar state. That omission is disproportionate — either the skill expects credentials to come from elsewhere (other skills or global agent config) or the manifest is incomplete/misleading.
!
Persistence & Privilege
The skill allows autonomous invocation (platform default). Autonomous execution combined with vague instructions to read 'local sensors' and to update calendar entries increases the potential impact. While 'always' is false (good), the skill's autonomy plus unclear sensor/data access is a risk if deployed without permissions controls.
What to consider before installing
This skill's behavior is ambiguous and asks the agent to bridge two sensitive domains: local sensor telemetry and calendar control. Before installing, ask the publisher for: (1) explicit list of what 'local sensors' are accessed and how (e.g., microphone, OS activity, installed apps) and what data is collected/stored; (2) the exact authorization flow for Google Workspace (OAuth scopes, whether user consent is required, or whether it expects pre-provisioned service account keys); (3) the identities and implementations of the referenced sub-agents (llm_classify_intent and gworkspace_calendar_create) and whether they are already installed/authorized; (4) logging, data-retention, and opt-out controls. If you proceed, prefer: manual invocation rather than autonomous runs; least-privileged OAuth scopes limited to calendar writes; testing in a sandbox account; and revocable, time-bound credentials. Because the manifest omits these details, treat it as suspicious until the author provides clarifying documentation or a source repository.
