Google Calendar
Review
Audited by ClawScan on May 10, 2026.
Overview
This skill is mostly aligned with Google Calendar access, but it under-declares its Google account credentials and exposes calendar-changing actions with limited safeguards.
Review this skill before installing. It appears intended for Google Calendar, but you should only grant the narrowest Calendar API scope you need, confirm any event update or deletion manually, and avoid running the refresh helper where access tokens could be captured in logs.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or overly autonomous invocation could change or delete calendar events.
The skill exposes event mutation and deletion in a third-party account, but the artifacts do not document explicit confirmation, dry-run, or recovery safeguards.
- **update** an existing event by its ID
- **delete** an event by its ID
...
google-calendar delete --event-id <id>
Require explicit user confirmation for update/delete actions, document the expected approval flow, and consider separate read-only and write/delete modes.
Users may not realize before installation that the skill needs Google account credentials capable of reading and modifying calendar data.
This conflicts with the skill’s documented need for Google OAuth credentials and the code’s use of a bearer access token, so the registry contract under-discloses account authority.
Required env vars: none
Env var declarations: none
Primary credential: none
Declare the Google credential requirements, environment variables, and intended OAuth scopes in metadata, and document least-privilege setup clearly.
Someone with access to those local files or logs could reuse the token while it is valid to access the user’s calendar.
The helper persists the bearer access token to a local plaintext env file and prints the OAuth response, which can expose the token in files, terminal history, or logs.
new_lines.append(f'export GOOGLE_ACCESS_TOKEN={access_token}\n')
...
print(json.dumps(resp_data, indent=2))
Store tokens only in OpenClaw’s secret mechanism or an OS keychain, avoid printing access tokens, and document exactly where credentials are stored.
Future package versions could behave differently from what was reviewed.
The setup asks the user to install unpinned packages from PyPI. This is common for API integrations, but version pinning would improve reproducibility and reviewability.
pip install --user google-auth google-auth-oauthlib google-api-python-client
Pin dependency versions or provide a lockfile, and make sure the documented OAuth helper command matches the included files.
