Oathe Security Badge

Is yhc0712/calendar-accuracy safe?

https://github.com/yhc0712/calendar-accuracy

92
SAFE

This is a legitimate calendar and date calculation utility skill that helps LLMs avoid common date arithmetic errors. The Python script appears benign and performs standard date operations using well-known libraries. No evidence of malicious behavior, prompt injection, or data exfiltration was detected.

Category Scores

Prompt Injection 98/100 · 30%
Data Exfiltration 98/100 · 25%
Code Execution 80/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

MEDIUM Executable Python Script -20

The skill contains a Python script (date_calc.py) that performs date and calendar calculations. While the code appears legitimate and benign, executable code always presents some risk.

LOW External Dependency Requirement -5

The skill requires installation of the 'holidays' Python library via pip, as mentioned in the README.

INFO Standard Git Clone Operation -5

The skill installation performed a standard git clone operation connecting only to GitHub's servers as expected.