calendly-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill directly ingests user-generated data from Calendly (API endpoints like /scheduled_events, /invitees, /routing_form_submissions and incoming webhook payloads as shown in webhooks.py and slack_integration.py in SKILL.md), and that content is parsed and used to drive behavior (handlers, Slack notifications, and returned "action" values), so untrusted third-party content can influence runtime actions.