Skill v1.0.2
ClawScan security
Claw Calendar Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 30, 2026, 7:17 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested environment variables are consistent with a calendar client that talks to the claimed Claw Calendar API and do not request unrelated privileges.
- Guidance: This skill appears to do what it says: it calls a calendar API using CLAW_CALENDAR_API_KEY and (optionally) CLAW_CALENDAR_API_URL. Before installing: 1) confirm you trust the skill source (owner is unknown in the registry metadata); 2) keep your API key secret and consider using a key with limited permissions; 3) ensure CLAW_CALENDAR_API_URL is set (or left as the default) to the legitimate https://claw-calendar.com domain — do not point it to unknown hosts; 4) review or run the shipped scripts in a safe environment if you want to confirm network behavior; and 5) rotate the API key if you suspect it was exposed.
Review Dimensions
- Purpose & Capability (ok): Name/description (manage calendars/events via Claw Calendar API) match the included scripts and declared env vars. Requested env vars (CLAW_CALENDAR_API_KEY, CLAW_CALENDAR_API_URL) and the operations (list/create calendars and events, return .ics subscription URLs) are expected for this purpose.
- Instruction Scope (ok): SKILL.md and the scripts limit actions to calling the Claw Calendar REST API, reading two environment variables, and printing results. There are no instructions to read arbitrary local files, other credentials, or to send data to third-party endpoints beyond the configured API URL.
- Install Mechanism (ok): No install spec (instruction-only usage plus shipped scripts). No external downloads, package installers, or extracted archives. The code is plain JS with no third-party package pulls in package.json.
- Credentials (note): The skill requests only an API key and an API URL, which is proportionate. Note: CLAW_CALENDAR_API_URL is user-controllable — if set to a malicious endpoint the API key would be sent there. This is expected behavior but worth verifying that the URL environment variable is set to the real service.
- Persistence & Privilege (ok): always is false and the skill does not request persistent system-wide privileges or modify other skills. Autonomous invocation is enabled (platform default) but not combined with other high-risk factors.
