calcom-access
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a locally built binary named 'calcom' located in the plugin's directory to perform Cal.com operations.
- [EXTERNAL_DOWNLOADS]: The setup process involves running 'bun install', which downloads Node.js dependencies from public registries to build the local CLI tool.
- [COMMAND_EXECUTION]: Extensive use of the 1Password CLI ('op') to list, create, and retrieve API credentials from a specific vault ('Claude Automation').
- [SAFE]: The skill follows security best practices by utilizing a password manager for secrets and storing environment variables in a local, gitignored configuration file ('.mise.local.toml').
Audit Metadata