Back to skill
Skillv1.0.2
VirusTotal security
Ms Graph Calendar · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:46 AM
- Hash
- 7457a733e63ec1017c38ec52569d20a134bb8f261f2d28c1a4e84cb0c8d6f7f2
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: ms-graph-calendar Version: 1.0.2 This skill bundle is designed to interact with the Microsoft Graph API for calendar and user information. It requests read-only permissions (`Calendars.Read`, `User.Read.All`). Credentials (`AZURE_TENANT_ID`, `AZURE_CLIENT_ID`, `AZURE_CLIENT_SECRET`) are stored securely in `~/.openclaw/ms-graph-calendar.json` with `0o600` permissions by `scripts/setup.js`. Access tokens are temporarily stored in `os.tmpdir()` by `scripts/get-token.js`. All network communication is directed to `login.microsoftonline.com` and `graph.microsoft.com`. User inputs are sanitized using `encodeURIComponent` before being included in API requests. The `SKILL.md` provides clear, transparent instructions for the AI agent, explicitly stating read-only access and no logging of credentials, with no evidence of prompt injection attempts or malicious intent.
- External report
- View on VirusTotal