calendly
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: All network operations target the official Calendly API domain (api.calendly.com) using standard HTTP methods for data retrieval and configuration.
- [SAFE]: Authentication is handled via the environment variable CALENDLY_TOKEN, adhering to secure secret management practices.
- [SAFE]: The skill utilizes common, reputable command-line tools (curl and jq) for its operations.
- [DATA_INGESTION]: The skill interacts with an external API that provides user-controllable data (such as event names or invitee details). While this creates a surface for potential indirect prompt injection, it is standard for this type of integration and the skill does not grant elevated privileges or perform unsafe processing on the output.
Audit Metadata