Skip to main content

calendly

Integrates Calendly scheduling for managing meetings, checking availability, and listing events via its API.

Install this skill

or
15/100

Security score

The calendly skill was audited on Jun 10, 2026 and we found 41 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 67

Webhook reference - potential data exfiltration

SourceSKILL.md
67### Webhooks
medium line 68

Webhook reference - potential data exfiltration

SourceSKILL.md
68- `list-webhook-subscriptions` - List webhook subscriptions
medium line 69

Webhook reference - potential data exfiltration

SourceSKILL.md
69- `get-webhook-subscription` - Get webhook subscription details
medium line 70

Webhook reference - potential data exfiltration

SourceSKILL.md
70- `create-webhook-subscription` - Create webhook subscription
medium line 71

Webhook reference - potential data exfiltration

SourceSKILL.md
71- `delete-webhook-subscription` - Delete webhook subscription
medium line 81

Webhook reference - potential data exfiltration

SourceSKILL.md
81Get your Personal Access Token from: https://calendly.com/integrations/api_webhooks
low line 194

Webhook reference - potential data exfiltration

SourceSKILL.md
194# Create webhook subscription (with signing key)
low line 195

Webhook reference - potential data exfiltration

SourceSKILL.md
195calendly create-webhook-subscription \
low line 196

Webhook reference - potential data exfiltration

SourceSKILL.md
196--url "https://example.com/calendly/webhooks" \
low line 200

Webhook reference - potential data exfiltration

SourceSKILL.md
200--signing-key "$CALENDLY_WEBHOOK_SIGNING_KEY"
low line 202

Webhook reference - potential data exfiltration

SourceSKILL.md
202# List webhook subscriptions
low line 203

Webhook reference - potential data exfiltration

SourceSKILL.md
203calendly list-webhook-subscriptions \
low line 206

Webhook reference - potential data exfiltration

SourceSKILL.md
206# Get webhook subscription details
low line 207

Webhook reference - potential data exfiltration

SourceSKILL.md
207calendly get-webhook-subscription \
low line 208

Webhook reference - potential data exfiltration

SourceSKILL.md
208--webhook-subscription-uri "https://api.calendly.com/webhook_subscriptions/<SUBSCRIPTION_UUID>"
low line 210

Webhook reference - potential data exfiltration

SourceSKILL.md
210# Delete webhook subscription
low line 211

Webhook reference - potential data exfiltration

SourceSKILL.md
211calendly delete-webhook-subscription \
low line 212

Webhook reference - potential data exfiltration

SourceSKILL.md
212--webhook-subscription-uri "https://api.calendly.com/webhook_subscriptions/<SUBSCRIPTION_UUID>"
medium line 215

Webhook reference - potential data exfiltration

SourceSKILL.md
215Webhook signing secret guidance:
medium line 216

Webhook reference - potential data exfiltration

SourceSKILL.md
216- Keep `CALENDLY_WEBHOOK_SIGNING_KEY` in secure runtime config (env/secret manager), never committed.
medium line 218

Webhook reference - potential data exfiltration

SourceSKILL.md
218- Verify Calendly webhook signatures in your receiver with the same secret used at subscription creation.
medium line 36

Access to hidden dotfiles in home directory

SourceSKILL.md
36Default install target: `~/.local/bin/calendly`.
low line 78

Access to hidden dotfiles in home directory

SourceSKILL.md
78# Or in legacy ~/.moltbot/.env / ~/.clawdbot/.env
medium line 75

Access to .env file

SourceSKILL.md
75API key can be stored in your environment or `.env` file:
low line 78

Access to .env file

SourceSKILL.md
78# Or in legacy ~/.moltbot/.env / ~/.clawdbot/.env
low line 81

External URL reference

SourceSKILL.md
81Get your Personal Access Token from: https://calendly.com/integrations/api_webhooks
low line 99

External URL reference

SourceSKILL.md
99"uri": "https://api.calendly.com/users/<YOUR_USER_UUID>",
low line 100

External URL reference

SourceSKILL.md
100"scheduling_url": "https://calendly.com/<your-username>"
low line 134

External URL reference

SourceSKILL.md
134--event-type-uri "https://api.calendly.com/event_types/<EVENT_TYPE_UUID>" \
low line 139

External URL reference

SourceSKILL.md
139--event-type-uri "https://api.calendly.com/event_types/<EVENT_TYPE_UUID>" \
low line 153

External URL reference

SourceSKILL.md
153--event-type-uri "https://api.calendly.com/event_types/<EVENT_TYPE_UUID>" \
low line 161

External URL reference

SourceSKILL.md
161--event-type "https://api.calendly.com/event_types/<EVENT_TYPE_UUID>" \
low line 178

External URL reference

SourceSKILL.md
178--organization-uri "https://api.calendly.com/organizations/<ORG_UUID>" \
low line 184

External URL reference

SourceSKILL.md
184--event-uri "https://api.calendly.com/scheduled_events/<EVENT_UUID_1>" \
low line 185

External URL reference

SourceSKILL.md
185--event-uri "https://api.calendly.com/scheduled_events/<EVENT_UUID_2>" \
low line 196

External URL reference

SourceSKILL.md
196--url "https://example.com/calendly/webhooks" \
low line 198

External URL reference

SourceSKILL.md
198--organization-uri "https://api.calendly.com/organizations/<ORG_UUID>" \
low line 204

External URL reference

SourceSKILL.md
204--organization-uri "https://api.calendly.com/organizations/<ORG_UUID>"
low line 208

External URL reference

SourceSKILL.md
208--webhook-subscription-uri "https://api.calendly.com/webhook_subscriptions/<SUBSCRIPTION_UUID>"
low line 212

External URL reference

SourceSKILL.md
212--webhook-subscription-uri "https://api.calendly.com/webhook_subscriptions/<SUBSCRIPTION_UUID>"
low line 219

External URL reference

SourceSKILL.md
219- If using `--scope user`, include `--user-uri "https://api.calendly.com/users/<USER_UUID>"`.
Scanned on Jun 10, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2
Rate this skill
Categorysales
UpdatedJune 15, 2026
openclawapicustomer-success-managersales-operationssdrsales
kesslerio/calendly-cli-openclaw-skill