calendly
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands (curl and jq) wrapped in bash -c to perform API operations. This is the primary mechanism for retrieving event types, scheduled meetings, and invitee information from Calendly.
- [DATA_EXFILTRATION]: The skill accesses sensitive scheduling information, including invitee names and email addresses. Analysis confirms that all network traffic is routed exclusively to the official api.calendly.com domain, and authentication is managed via platform-injected environment variables (CALENDLY_TOKEN).
- [PROMPT_INJECTION]: The skill processes data from an external source (Calendly API), representing an indirect prompt injection surface. Because the skill employs jq to parse structured JSON and extract specific fields, the risk of the agent misinterpreting event data as direct instructions is minimized.
Audit Metadata