Email to Calendar Extraction Engine
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: afrexai-email-to-calendar
Version: 1.0.0

The skill is designed for a legitimate purpose (email-to-calendar extraction), and its `SKILL.md` instructions show no prompt injection with malicious intent. However, the skill instructs the agent to execute shell commands (`gog calendar create`, `osascript`) to interact with calendar tools. If the OpenClaw agent does not properly sanitize user-controlled input (e.g., event titles or descriptions taken from emails) before interpolating it into these shell commands, the result could be a shell injection vulnerability that allows arbitrary command execution. Because of the agent's execution environment, this is a significant security risk (RCE potential). The skill is classified as 'suspicious' rather than 'malicious' because there is no clear evidence of intentional self-exploitation within the skill itself.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may read inbox or calendar information and, after confirmation, create events in the user's calendar account.
The skill may rely on the user's existing email and calendar account access. That is expected for the stated purpose, but it is sensitive delegated authority.
Use when the user forwards an email, asks to check inbox for events ... Create — Use the user's calendar tool to create confirmed events
Use scoped requests such as specific senders, folders, or date ranges, and confirm the intended calendar account before creating events.
If the user confirms incorrect extracted details, inaccurate events or reminders could be added to the calendar.
The skill documents calendar tool/API usage that can mutate a user's calendar, while also including a clear confirmation guard.
After user confirms, create events using their calendar tool ... Google Calendar (via `gog` or API) ... Never auto-create without user confirmation
Review the numbered event list, dates, time zones, attendees, and reminders before approving creation.
Private email details could be copied into calendar notes or reminders if the user approves event creation.
The skill can carry email-derived quotes, notes, and reminder context into structured calendar data, which may persist beyond the current chat.
source_quote: "exact text from email that indicates this event" ... notes: "any context the user should know" ... Follow up — Track deadlines and send reminders
Keep calendar notes minimal when emails contain sensitive information, and avoid storing unnecessary source text.
