ClawHub

Claw Calendar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward calendar API skill that can read, create, update, and delete calendar data using a user-provided API key.

Install only if you trust the Claw Calendar server you configure. Use HTTPS and a revocable API key if available, and confirm the exact calendar, event title, date, and time before letting the agent update or delete anything.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger language is broad enough that the skill may activate on loosely related scheduling phrases without clear guardrails around confirmation, calendar scope, or action boundaries. In a calendar-management skill that can create, update, and delete events, overbroad invocation increases the chance of unintended API actions based on ambiguous user input.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill advertises calendar management but does not warn that it can delete events, which is a destructive capability. Without an explicit warning and confirmation requirement, users may invoke the skill expecting read-only or additive behavior and accidentally authorize irreversible modifications to personal scheduling data.

Tool Parameter Abuse

High
Category
Tool Misuse
Content
### Delete Event
```
DELETE /api/calendars/{calendarId}/events/{eventId}
Headers: X-API-Key: ${CALENDAR_API_KEY}
```
Confidence
92% confidence
Finding
DELETE /api/calendars/{calendarId}/events/{eventId}

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal