calcom-api
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of documentation (Markdown files) and configuration metadata. There are no executable scripts or commands that could pose a security risk.
- [CREDENTIALS_UNSAFE]: The skill correctly identifies necessary environment variables for API authentication (
CAL_API_KEY,CAL_CLIENT_ID,CAL_SECRET_KEY,CAL_WEBHOOK_SECRET) and provides instructions for their secure use without hardcoding any actual secrets. - [EXTERNAL_DOWNLOADS]: The documentation references official API endpoints at
api.cal.com, which is the legitimate domain for the Cal.com service. No unauthorized or suspicious remote code execution patterns were found. - [DATA_EXFILTRATION]: No patterns of sensitive file access or unauthorized data transmission were detected. The skill focuses on standard API interactions with the provider's own infrastructure.
Audit Metadata