calendly-automation
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's operational logic is transparent and focused on its stated purpose of Calendly automation. No evidence of obfuscation, data exfiltration, or unauthorized command execution was found in the provided files.
- [EXTERNAL_DOWNLOADS]: The installation metadata contains a command to download the instruction file from a public GitHub repository. This is a routine procedure for skill deployment and involves fetching non-executable content.
- [PROMPT_INJECTION]:
- Ingestion points: The skill processes data returned from the Calendly API, including event names, descriptions, and invitee details (as documented in SKILL.md).
- Boundary markers: None explicitly defined in the instructions for separating external data from instructions.
- Capability inventory: The skill provides tools for canceling events, managing scheduling links, and modifying organization memberships (e.g., CALENDLY_CANCEL_EVENT, CALENDLY_REMOVE_USER_FROM_ORGANIZATION).
- Sanitization: No specific sanitization logic is described, but the skill explicitly instructs the agent to obtain user confirmation before performing sensitive or irreversible operations, which serves as a mitigation.
Audit Metadata