create-cal-com-link
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
CREDENTIALS_UNSAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill manages a sensitive CAL_API_KEY stored in a .env file. The bash scripts transmit this key as a plaintext query parameter in the URL (e.g., in scripts/add-availability-window.sh), which may cause the key to be recorded in server or proxy logs.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  - Ingestion points: Arguments like names and titles passed to scripts in SKILL.md.
  - Boundary markers: None present; user input is directly embedded into JSON strings.
  - Capability inventory: Outbound curl requests to the Cal.com API.
  - Sanitization: None; inputs are interpolated into JSON payloads without escaping, which could allow manipulation of the request structure.
- [COMMAND_EXECUTION]: The skill relies on local bash scripts to interact with the Cal.com API. These scripts take user input as command-line arguments and use them to construct network requests and JSON bodies.