Google Calendar Delete Event

Security checks across malware telemetry and agentic risk

Overview

This is a narrow, disclosed skill for deleting a Google Calendar event with the local gog CLI, but users should confirm the target event before running it.

Install only if you want your agent to delete Google Calendar events through the local `gog` CLI. Before use, verify the calendar ID and event ID, and ask the agent to show the event details before deletion when accuracy matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill directly instructs an agent to execute a destructive delete command against Google Calendar without requiring user confirmation, preview of the target event, or safeguards against accidental or malicious invocation. In an agent setting, this creates a real risk of irreversible deletion of calendar data, especially if parameters are inferred incorrectly or supplied by an untrusted prompt/source.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal