Calcom Cli

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Cal.com CLI skill, with expected calendar-management powers and disclosed token storage, but users should review remote install commands and confirm destructive actions.

Install only if you want an agent to manage your Cal.com account. Review the GitHub/api2cli install path before running remote commands, use a least-privilege or revocable Cal.com token, protect or remove ~/.config/tokens/calcom-cli.txt when done, and ask the agent to confirm before canceling bookings or deleting schedules/event types.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 73%
Finding
The skill description uses broad trigger language such as 'scheduling' and 'bookings', which can cause the agent to invoke this skill in contexts not specifically about Cal.com. That can lead to unintended access to calendar data or accidental execution of state-changing commands in the wrong workflow.

Missing User Warnings

Medium
Confidence: 83%
Finding
The skill advertises destructive capabilities such as canceling bookings and deleting schedules/event types without prominently requiring confirmation or warning about irreversible effects. It also documents persistent token storage in a local file without cautionary guidance, increasing the risk of credential exposure on shared or compromised systems.

VirusTotal

65/65 vendors flagged this skill as clean.
