Email to Calendar Extraction Engine
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may read inbox or calendar information and, after confirmation, create events in the user's calendar account.
The skill may rely on the user's existing email and calendar account access. That is expected for the stated purpose, but it is sensitive delegated authority.
Use when the user forwards an email, asks to check inbox for events ... Create — Use the user's calendar tool to create confirmed events
Use scoped requests such as specific senders, folders, or date ranges, and confirm the intended calendar account before creating events.
If the user confirms incorrect extracted details, inaccurate events or reminders could be added to the calendar.
The skill documents calendar tool/API usage that can mutate a user's calendar, while also including a clear confirmation guard.
After user confirms, create events using their calendar tool ... Google Calendar (via `gog` or API) ... Never auto-create without user confirmation
Review the numbered event list, dates, time zones, attendees, and reminders before approving creation.
Private email details could be copied into calendar notes or reminders if the user approves event creation.
The skill can carry email-derived quotes, notes, and reminder context into structured calendar data, which may persist beyond the current chat.
source_quote: "exact text from email that indicates this event" ... notes: "any context the user should know" ... Follow up — Track deadlines and send reminders
Keep calendar notes minimal when emails contain sensitive information, and avoid storing unnecessary source text.