calcom-api

Fail

Audited by Snyk on Feb 20, 2026

Risk Level: HIGH

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill explicitly requires including a Bearer token in the Authorization header (Authorization: Bearer cal_<your_api_key>), which encourages the agent to embed API keys verbatim in generated requests, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's documentation requires the agent to fetch and act on external, user-generated calendar and feed data (e.g., GET /v2/calendars/busy-times, GET /v2/calendars/{calendar}/events/{eventUid}, POST /v2/calendars/ics-feed/save, and webhook payload processing). The agent must read this data to compute availability and drive booking/rescheduling decisions, which exposes it to untrusted third-party content that could carry indirect instructions.

Audit Metadata

Risk Level: HIGH
Analyzed: Feb 20, 2026, 03:03 PM