Meet.bot
v1.0.0Schedule and book meetings using the Meet.bot MCP server (mcp.meet.bot). Use when the user wants to check calendar availability, find open time slots, book a...
⭐ 0· 247·1 current·1 all-time
byPoolside Ventures@poolside-ventures
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The name and description (scheduling via mcp.meet.bot) match the SKILL.md tooling and workflows. However, the SKILL.md explicitly requires a Meet.bot API key, while the registry metadata lists no required credentials — the declared purpose is coherent but the credential handling is not.
Instruction Scope
The SKILL.md stays on-purpose: it lists API endpoints/tools, when to call them, required parameters, and warns to confirm bookings. It instructs the agent to ask the user for an API key before proceeding (no other unrelated files, paths, or external endpoints are referenced).
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is written to disk or downloaded — this is the lowest-risk install model.
Credentials
The runtime instructions require a Meet.bot API key (Bearer token), but requires.env / primary credential fields in the registry are empty. This mismatch means the platform won't advertise/verify the required secret, and the skill may prompt users to paste sensitive tokens ad-hoc (risking insecure handling or accidental transmission).
Persistence & Privilege
The skill does not request always:true, does not attempt to persist or modify other skills or agent-wide settings in the instructions, and is not requesting broad system privileges.
What to consider before installing
This skill appears to do what it says, but it fails to declare that it needs a Meet.bot API key. Before installing or using it: (1) ask the maintainer or publisher why no credential is declared in the metadata and request that the skill explicitly declare a primaryEnv for the Meet.bot token so the platform can handle it securely; (2) do not paste your production API key into free-text prompts — prefer platform-managed secret storage or a limited-scope/test token; (3) verify the domain (https://mcp.meet.bot) and the skill publisher identity (homepage/source missing); and (4) test with a disposable account or token first, and confirm the skill’s booking behavior (bookings cannot be cancelled via this server) to avoid accidental commitments.Like a lobster shell, security has layers — review code before you run it.
latest
Poolside Ventures@poolside-ventures
DownloadMeet.bot
Connect to the Meet.bot MCP server at https://mcp.meet.bot using a Bearer token.
Auth
Every tool call requires Authorization: Bearer <api-key> in the HTTP header. If not configured, the server returns a clear error explaining this. Ask the user for their Meet.bot API key before proceeding.
Tools
| Tool | Purpose |
|---|---|
get_scheduling_pages | List all the user's scheduling pages |
get_page_info | Get details about a specific page by URL |
get_available_slots | Find open time slots for a page |
book_meeting | Book a slot (requires page, guest_email, guest_name, start) |
health_check | Verify the API key is valid |
Workflows
Check availability
get_scheduling_pagesto list pages (or use URL directly if known)get_available_slotswith the page URL, date range, and user's timezone- Present slots in readable local time — not raw ISO strings
Book a meeting
- Confirm page URL, guest name, guest email, and start time with the user
book_meeting— start time must be ISO 8601 (e.g.2026-03-10T14:00:00Z)- Confirm the booking details back to the user
Share a booking link
get_available_slotswithbooking_link: true- Return the first 3–5
booking_linkURLs for the guest to self-select
Tips
- Pages with "archived" in the URL are inactive — skip them
- Always confirm before calling
book_meeting— bookings cannot be cancelled via this server get_available_slotssupportscount,start,end(YYYY-MM-DD), andtimezone(IANA)
Comments
Loading comments...