ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Apple Calendar Ops

Read, create, update, and delete Apple Calendar events via CalDAV. Use when the user wants to inspect calendars or events, add a calendar event, change an ex...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 125 · 0 current installs · 0 all-time installs
byClawEnd@Ivy-End
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The code implements CalDAV operations (discover, list, fetch, create, update, delete) which matches the description. However the SKILL metadata declares no required config paths or credentials while the SKILL.md and the code hard‑code a secrets file path (/home/agent/.openclaw/workspace/secrets.json). The skill legitimately needs Apple ID + app‑specific password, but the registry metadata omission is an incoherence.
Instruction Scope
Runtime instructions and scripts are narrowly scoped to CalDAV operations and call only the CalDAV endpoint (default https://caldav.icloud.com). The SKILL.md explicitly instructs the agent to read a local secrets.json for credentials; the code's load_all_secrets() reads the whole JSON file. This is within expected scope for an Apple Calendar CalDAV tool, but the explicit dependency on a workspace secrets file should be noted and checked.
Install Mechanism
There is no install spec or external download. The skill is instruction-plus-scripts included in the bundle. No network install or archive extraction is performed at install time, which lowers install-time risk.
!
Credentials
The skill requires Apple credentials (appleId and appSpecificPassword) which are proportionate to CalDAV access. However the declared registry requirements list no env vars or config paths while the code expects and reads a workspace secrets.json containing these credentials. The code reads the full secrets.json (load_all_secrets()), not only the appleCalendar keys, so if that file contains unrelated sensitive values they would be accessible to this skill.
Persistence & Privilege
The skill does not request always:true and does not attempt to modify other skills or global agent settings. It runs as contained scripts and only acts when invoked.
What to consider before installing
This skill largely does what it claims (CalDAV read/write to Apple Calendar), but before installing you should: 1) Inspect /home/agent/.openclaw/workspace/secrets.json and ensure it only contains the appleCalendar keys (appleId and appSpecificPassword) — the skill reads the entire file. 2) Prefer using an Apple app‑specific password (not your main Apple password). 3) Confirm the caldav baseUrl (defaults to caldav.icloud.com) and any configured calendarUrls to restrict which calendars the skill can access. 4) Because the registry metadata does not declare the secrets/config path, treat that as a packaging omission — either update the registry entry or avoid running the skill until you can control where credentials come from. 5) Run first with --dry-run or --list-calendars to verify behavior. If you are not comfortable with a local secrets.json being read, do not install/run the skill until the credential handling is clarified.

Like a lobster shell, security has layers — review code before you run it.

Current versionv0.1.0
Download zip
latestvk97bvg3z3r34wwnyrbm1x9ch3582r6fy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Apple Calendar Ops

This skill is the Apple Calendar operation layer.

It handles stable calendar reads and writes. It does not do high-level scheduling, cross-system planning, or task prioritization.

Core boundary

Use this skill for concrete Apple Calendar operations:

  • list calendars
  • fetch events in a time range
  • create an event
  • update an event
  • delete an event

Do not use this skill to decide how the day should be planned. That belongs to a higher-level task/orchestrator.

Operating rules

Default stance:

  • reads are safe
  • writes should be dry-run-friendly
  • updates/deletes should prefer explicit event ids
  • fuzzy title matching may help locate events, but should not be the only basis for risky writes

Credentials should come from /home/agent/.openclaw/workspace/secrets.json.

Read references/boundary.md before changing the skill's scope. Read references/event-contract.md before writing or consuming event JSON.

Quick start

Read calendars

python3 /home/agent/.openclaw/workspace/skills/apple-calendar-ops/scripts/calendar_fetch.py --list-calendars

Read events

python3 /home/agent/.openclaw/workspace/skills/apple-calendar-ops/scripts/calendar_fetch.py \
  --start 2026-03-12T00:00:00+08:00 \
  --end 2026-03-13T00:00:00+08:00

Create event

python3 /home/agent/.openclaw/workspace/skills/apple-calendar-ops/scripts/calendar_create.py \
  --calendar "Calendar" \
  --title "Example event" \
  --start 2026-03-12T14:00:00+08:00 \
  --end 2026-03-12T15:00:00+08:00 \
  --dry-run

Scripts

  • scripts/calendar_common.py — shared config, secret loading, and JSON helpers
  • scripts/calendar_fetch.py — list calendars and fetch events
  • scripts/calendar_create.py — create an event
  • scripts/calendar_update.py — update an event
  • scripts/calendar_delete.py — delete an event

References

  • references/boundary.md — scope and non-goals
  • references/event-contract.md — normalized event shape for all scripts

First-version goal

Version 1 should make Apple Calendar readable and safely writable.

That means:

  • reliable read access for scheduler inputs
  • explicit create/update/delete flows
  • machine-readable output
  • conservative handling of risky writes

Files

13 total
Select a file
Select a file to preview.

Comments

Loading comments…