pp-cal-com

SUSPICIOUS: the calendar-management purpose is coherent, but the skill routes Cal.com credentials and actions through non-official third-party executables, supports arbitrary webhook output delivery, and installs an additional MCP component. The main concern is trust and data-flow expansion, not overtly malicious behavior.