calcom-access

SUSPICIOUS: the stated Cal.com-management purpose is plausible, but the implementation depends on a locally built marketplace-plugin binary whose provenance is not verified against Cal.com's official CLI distribution. The skill also routes credential use through 1Password into that binary and includes self-modifying instructions, making the footprint broader and less trustworthy than necessary for simple Cal.com API access.